Gupta Khushi, Lanka Phani, Varol Cihan
Department of Computer Science, Sam Houston State University, Huntsville, Texas, USA.
J Forensic Sci. 2024 Jul;69(4):1320-1333. doi: 10.1111/1556-4029.15548. Epub 2024 May 28.
In the last decade, the market share and user base of social media applications have witnessed significant growth. However, this surge in popularity has inadvertently drawn the attention of criminals aiming to exploit these platforms for illicit activities. The forensic examination of these applications emerges as a pivotal avenue for uncovering valuable insights into criminal behavior and identifying suspects. Discord, a social media platform, has become a significant focal point for such illicit activities. In this paper, we examine the remnants of Discord on both Windows and Linux operating systems, employing storage, memory, and network analysis techniques to review the remnants of Discord. Our investigation reveals a range of crucial artifacts that have been successfully recovered across all three areas of analysis, including login and payment details, chat history, account information, and much more. Collectively, these artifacts constitute a valuable resource for forensic investigations, allowing the reconstruction of most of the user's activity.
在过去十年中,社交媒体应用程序的市场份额和用户基数显著增长。然而,这种人气的飙升无意中引起了犯罪分子的注意,他们企图利用这些平台进行非法活动。对这些应用程序进行法医检查成为揭示犯罪行为宝贵见解和识别嫌疑人的关键途径。Discord,一个社交媒体平台,已成为此类非法活动的重要焦点。在本文中,我们检查了Windows和Linux操作系统上Discord的残留数据,采用存储、内存和网络分析技术来审查Discord的残留数据。我们的调查揭示了在所有三个分析领域都成功恢复的一系列关键工件,包括登录和支付细节、聊天历史、账户信息等等。总体而言,这些工件构成了法医调查的宝贵资源,有助于重建用户的大部分活动。