IoT is a combination of conventional systems, sensors, clouds, smartphone apps, online applications and control systems that influence every part of people's lives. With increasingly heterogeneous devices and data processing, security issues are growing. The fact that most IoT software and systems are not entirely protected and vulnerable to such threats is often widely understood. On average, 60% of IoT software and gadgets are correlated with some type of vulnerability. It is becoming easier for an adversary to hack into a program, make it unusable, or capture sensitive information and data. The impact of the different threats varies considerably: some affect the security or quality of the records, while others affect the availability of the device. At present, companies are trying to recognize what the risks to their information assets are and how to access the appropriate means to tackle them, which appears to be an obstacle. To improve understanding of security threats, this paper summarizes IoT security attacks and establishes taxonomy based on the application domain and the design of the architecture.