0

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Free Learning

iOS Forensics for Investigators

You're reading from iOS Forensics for Investigators Take mobile forensics to the next level by analyzing, extracting, and reporting sensitive evidence

Product type Paperback

Published in May 2022

Publisher Packt

ISBN-13 9781803234083

Length 316 pages

Edition 1st Edition

Tools

iOS

Concepts

Forensics

Author (1):

Gianluca Tiepolo

View More author details

Table of Contents (17) Chapters

Preface

1. Section 1 – Data Acquisition from iOS Devices

2. Chapter 1: Introducing iOS Forensics FREE CHAPTER

3. Chapter 2: Data Acquisition from iOS Devices

4. Section 2 – iOS Data Analysis

5. Chapter 3: Using Forensic Tools

6. Chapter 4: Working with Common iOS Artifacts

7. Chapter 5: Pattern-of-Life Forensics

8. Chapter 6: Dissecting Location Data

9. Chapter 7: Analyzing Connectivity Data

10. Chapter 8: Email and Messaging Forensics

11. Chapter 9: Photo, Video, and Audio Forensics

12. Chapter 10: Analyzing Third-Party Apps

13. Chapter 11: Locked Devices, iTunes Backups, and iCloud Forensics

14. Section 3 – Reporting

15. Chapter 12: Writing a Forensic Report and Building a Timeline

16. Other Books You May Enjoy

Logs, events, and user interaction

At the start of this chapter, we introduced pattern-of-life forensics, and we learned how iOS stores and analyzes a number of user events and device events. Then, we went through the most common sources of data, such as the KnowledgeC.db database, and learned how iOS represents time through Unix timestamps and Mac absolute time.

Now, we'll take an in-depth look at one of the most forensically interesting SQLite databases you will find on an iOS device.

The KnowledgeC database

KnowledgeC.db is the SQLite database that tracks almost all activity and device events, ranging from battery level to what music was played. The database is located at /private/var/mobile/Library/CoreDuet/Knowledge/, and it is only accessible through a full filesystem acquisition. The database is made of 16 tables, although most of the useful data is concentrated in one of them, the ZOBJECT table.

The following screenshot shows the database schema:

...

The rest of the chapter is locked

Register for a free Packt account to unlock a world of extra content!

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at €18.99/month. Cancel anytime

Authors (1)

Tiepolo

Tiepolo

Gianluca Tiepolo is a cybersecurity researcher who specializes in mobile forensics and incident response. He holds a BSc degree in Computer Science and an MSc in Information Security, as well as several security-related certifications. Over the past 12 years, he has performed security monitoring, threat hunting, incident response, and intelligence analysis as a consultant for dozens of organizations, including several Fortune 100 companies. Gianluca is also the co-founder of the startup Sixth Sense Solutions, which developed AI-based anti-fraud solutions. Today, Gianluca works as a Security Delivery Team Lead for consulting firm Accenture Security. In 2016, he authored the book Getting Started with RethinkDB, published by Packt Publishing.

See other products by Tiepolo

Personalised recommendations for you

Based on your interests and search pattern

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m