STRIKE: A Structured Taxonomy of Cybercrime for Risk, Impact, Knowledge, and Evolution

TL;DR

The paper introduces STRIKE, a comprehensive multi-dimensional taxonomy for classifying modern cybercrimes, aiding threat analysis and adaptive defense strategies.

Contribution

It presents a novel structured taxonomy covering diverse cyber threats and reviews detection methods and response workflows for practical cybersecurity applications.

Findings

STRIKE categorizes threats by attack vectors, tactics, impact, detection, and mitigation.

It covers both traditional and emerging cyber threats like ransomware, deepfakes, and supply chain attacks.

Provides a unified framework to enhance threat understanding and response.

Abstract

Cybercrime has grown exponentially in both scale and sophistication, posing significant threats. As attack methods evolve rapidly, traditional classification schemes often fail to capture the complexity and diversity of modern threats. To address this gap, we introduce STRIKE,a Structured Taxonomy for Risk, Impact, Knowledge, and Emerging Threats, which provides a unified, multi-dimensional framework for categorizing cybercrimes. STRIKE spans both conventional and emerging domains, including ransomware, phishing, network intrusion, child sexual abuse material (CSAM), cryptojacking, deepfakes, and supply chain attacks. It organizes threats using criteria such as attack vectors, adversarial tactics, societal impact, detection techniques, and mitigation strategies. Alongside the taxonomy, we review recent advances in detection methodologies and present a response workflow to assist practitioners under active threat conditions. This work offers researchers, security professionals, and policymakers a practical foundation for threat analysis, comparative evaluation, and adaptive cyber defense.