STRIKE: A Structured Taxonomy of Cybercrime for Risk, Impact, Knowledge, and Evolution

Abstract

Cybercrime has grown exponentially in both scale and sophistication, posing significant threats. As attack methods evolve rapidly, traditional classification schemes often fail to capture the complexity and diversity of modern threats. To address this gap, we introduce STRIKE,a Structured Taxonomy for Risk, Impact, Knowledge, and Emerging Threats, which provides a unified, multi-dimensional framework for categorizing cybercrimes. STRIKE spans both conventional and emerging domains, including ransomware, phishing, network intrusion, child sexual abuse material (CSAM), cryptojacking, deepfakes, and supply chain attacks. It organizes threats using criteria such as attack vectors, adversarial tactics, societal impact, detection techniques, and mitigation strategies. Alongside the taxonomy, we review recent advances in detection methodologies and present a response workflow to assist practitioners under active threat conditions. This work offers researchers, security professionals, and policymakers a practical foundation for threat analysis, comparative evaluation, and adaptive cyber defense.