Network Security Performance Analysis of Mobile Voice Over IP Application (mVoIP): Kakao Talk, WhatsApp, Telegram and Facebook Messenger
Keywords:VoIP application, mobile application, encryption ability, authentication ability, android application
VoIP application usage has increased from time to time and makes our daily life more convenient. VoIP application has features to make a phone call, send a text message and share the file through the apps for free. However, most of the users did not seem aware of VoIP security features such as authentication ability, password encryption ability, or voice or audio and text communication encryption ability. It is essential to ensure the VoIP used is secure from password decrypter and eavesdrops the user conversation. Thus, the first objective of this research was to study and investigate VoIP application consist of Kakao Talk, Telegram, Facebook Messenger and WhatsApp for both Android and web application. The second objective was to evaluate the four VoIP application identified based on authentication requirement, password encryption, voice or audio encryption communication, and text encryption communication. There were two mobile phones used. One acts as a client and a personal computer act as an attacker. Wireshark and packet capture were run in personal computer and mobile phone to monitoring and scanning the network traffic while both devices connected in the same WLAN. The experiment implements MITM, interception, and sniffing attacks. This research project has identified Facebook Messenger and WhatsApp web application do not provide secure password ability.
Azfar, A., Choo, K. K. R., & Liu, L. (2014). A study of ten popular Android mobile VoIP applications: Are the communications encrypted? Proceedings of the Annual Hawaii International Conference on System Sciences, 4858–4867. https://doi.org/10.1109/HICSS.2014.596
Babkin, S., & Epishkina, A. (2019). Authenticatiоn Prоtоcоls Based оn Оne-Time Passwоrds. 1794–1798.
Carvajal, L., Chen, L., Varol, C., & Rawat, D. (2016). Detecting unprotected SIP-based Voice over IP traffic. 4th International Symposium on Digital Forensics and Security, ISDFS 2016 - Proceeding, 44–48. https://doi.org/10.1109/ISDFS.2016.7473515
Chakraborty, T., Misra, I. S., & Prasad, R. (2019). VoIP Protocol Fundamentals. 25–47. https://doi.org/10.1007/978-3-319-95594-0_2
Rohini, S., & Bairagi, V. (2010). Lossless Medical Image Security. International Journal of Applied Engineering Research, 1(3), 536–541.
Supervision, B. (2012). How Strong Is Strong User Authentication ?5. Retrieved from https://www.isaca.org/Journal/archives/2012/Volume-5/Pages/How-Strong-is-Strong-User-Authentication.aspx
Telegram. (2014). MTProto Mobile Protocol. 1–6. Retrieved from https://core.telegram.org/mtproto
Trabelsi, Z. (2005). Switched network sniffers detection technique based on IP packet routing. Information Systems Security, 14(4), 51–60. https://doi.org/10.1201/1086.1065898X/45518.104.22.16850901/90089.7
WhatsApp. (2019). Frequently Asked Questions KAINOS + Frequently Asked Questions. (1099), 1–3. Retrieved from https://faq.whatsapp.com/
Wireshark. (2019). Learn Knowledge is Power Go Beyond With SharkFest Sponsors About Wireshark. 1–9. Retrieved from https://www.wireshark.org/index.html#aboutWS
How to Cite
Copyright (c) 2020 Nur Khairani Kamarudin, Nur Syafiqa Bismi, Nurul Hidayah Ahmad Zukri, Mohd Faris Mohd Fuzi, Rashidah Ramle
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.