Your browser does not support JavaScript!
http://iet.metastore.ingenta.com
1887

access icon free IoT security vulnerabilities and predictive signal jamming attack analysis in LoRaWAN

Internet of Things (IoT) gains popularity in recent times due to its flexibility, usability, diverse applicability and ease of deployment. However, the issues related to security are less explored. The IoT devices are light weight in nature and have low computation power, low battery life and low memory. As incorporating security features are resource expensive, IoT devices are often found to be less protected and in recent times, more IoT devices have been routinely attacked due to high profile security flaws. This study aims to explore the security vulnerabilities of IoT devices particularly that use low power wide area networks (LPWANs). In this work, long range wide area network (LoRaWAN) based IoT security vulnerabilities are scrutinised and loopholes are identified. An attack was designed and simulated with the use of a predictive model of the device data generation. The study demonstrated that by predicting the data generation model, the jamming attack can be carried out to block devices from sending data successfully. This research will aid in the continual development of any necessary countermeasures and mitigations for LoRaWAN and LPWAN functionality of IoT networks in general.

References

    1. 1)
      • 21. You, I., Kwon, S., Choudhary, G., et al: ‘An enhanced LoRaWAN security protocol for privacy preservation in IoT with a case study on a smart factory-enabled parking system’, Sensors, 2018, 18, (6), p. 1888.
    2. 2)
      • 25. LoRa-Alliance: ‘LoRaWAN what is it? A technical overview of LoRa and LoRaWAN LoRa alliance’, 2015.
    3. 3)
      • 6. Talwana, J.C., Hua, H.J.: ‘Smart world of Internet of Things (IoT) and its security concerns’. 2016 IEEE Int. Conf. on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData), Chengdu, China, 2016, pp. 240245.
    4. 4)
      • 13. Khan, M.A., Salah, K.: ‘IoT security: review, blockchain solutions, and open challenges’, Future Gener. Comput. Syst., 2018, 82, pp. 395411.
    5. 5)
      • 22. Bardyn, J.P., Melly, T., Seller, O., et al: ‘IoT: the era of LPWAN is starting now’. ESSCIRC Conf. 2016: 42nd European Solid-State Circuits Conf., Lausanne, Switzerland, 2016, pp. 2530.
    6. 6)
      • 19. Tsai, K.L., Huang, Y.L., Leu, F.Y., et al: ‘AES-128 based secure low power communication for LoRaWAN IoT environments’, IEEE. Access., 2018, 6, pp. 4532545334.
    7. 7)
      • 8. Moganedi, S., Mtsweni, J.: ‘Beyond the convenience of the Internet of Things: security and privacy concerns’. IST-Africa Week Conf., Windhoek, Namibia, 2017, pp. 110.
    8. 8)
      • 26. Na, S., Hwang, D., Shin, W., et al: ‘Scenario and countermeasure for replay attack using join request messages in LoRaWAN’. 2017 Int. Conf. on Information Networking (ICOIN), Da Nang, Vietnam, 2017, pp. 718720.
    9. 9)
      • 16. Eldefrawy, M., Butun, I., Pereira, N., et al: ‘Formal security analysis of LoRaWAN’, Comput. Netw., 2019, 148, pp. 328339.
    10. 10)
      • 14. Grammatikis, P.I.R., Sarigiannidis, P.G., Moscholios, I.D.: ‘Securing the Internet of Things: challenges, threats and solutions’, Internet of Things, 2019, 5, pp. 4170.
    11. 11)
      • 29. Lee, J., Hwang, D., Park, J., et al: ‘Risk analysis and countermeasure for bit-flipping attack in LoRaWAN’. 2017 Int. Conf. on Information Networking (ICOIN), Da Nang, Vietnam, 2017, pp. 549551.
    12. 12)
      • 7. Iskhakov, S., Meshcheryakov, R., Iskhakova, A., et al: ‘Analysis of vulnerabilities in low-power wide-area networks by example of the LoRaWAN’. IV Int. research Conf. ‘Information technologies in Science, Management, Social sphere and Medicine’ (ITSMSSM 2017), Tomsk, Russia, 2017.
    13. 13)
      • 18. Bui, D.H., Puschini, D., Bacles-Min, S., et al: ‘AES datapath optimization strategies for low-power low-energy multisecurity-level internet-of-things applications’, IEEE Trans. Very Large Scale Integr. (VLSI) Syst., 2017, 25, (12), pp. 32813290.
    14. 14)
      • 3. Meulen, R.V.D.: ‘Gartner says 8.4 billion connected ‘things’ will be in use in 2017 up 31 percent from 2016’, Gartner Letzte Aktualisierung, 2017, 7, p. 2017.
    15. 15)
      • 15. Tomasin, S., Zulian, S., Vangelista, L.: ‘Security analysis of LoRaWAN join procedure for Internet of Things networks’. 2017 IEEE Wireless Communications and Networking Conf. Workshops (WCNCW), San Francisco, CA, USA, 2017, pp. 16.
    16. 16)
      • 23. Adelantado, F., Vilajosana, X., Tuset-Peiro, P., et al: ‘Understanding the limits of LoRaWAN’, IEEE Commun. Mag., 2017, 55, (9), pp. 3440.
    17. 17)
      • 20. Tsai, K.L., Leu, F.Y., Chang, S.W., et al: ‘A LoRaWAN based energy efficient data encryption method’. Int. Conf. on Innovative Mobile and Internet Services in Ubiquitous Computing, Sydney, Australia, 2019, pp. 493502.
    18. 18)
      • 30. Aras, E., Small, N., Ramachandran, G.S., et al: ‘Selective jamming of LoRaWAN using commodity hardware’. Proc. of the 14th EAI Int. Conf. on Mobile and Ubiquitous Systems: Computing, Networking and Services, Melbourne, Australia, 2017, pp. 363372.
    19. 19)
      • 24. de Carvalho-Silva, J., Rodrigues, J.J., Alberti, A.M., et al: ‘LoRaWAN-A low power WAN protocol for Internet of Things: a review and opportunities’. 2017 2nd Int. Multidisciplinary Conf. on Computer and Energy Science (SpliTech), Split, Croatia, 2017, pp. 16.
    20. 20)
      • 2. Kim, J., Lee, J., Kim, J., et al: ‘M2M service platforms: survey, issues, and enabling technologies’, IEEE Commun. Surv. Tutorials, 2013, 16, (1), pp. 6176.
    21. 21)
      • 11. Kolias, C., Kambourakis, G., Stavrou, A., et al: ‘DDoS in the IoT: Mirai and other botnets’, Computer, 2017, 50, (7), pp. 8084.
    22. 22)
      • 12. Teng, C.C., Gong, J.W., Wang, Y.S., et al: ‘Firmware over the air for home cybersecurity in the Internet of Things’. 2017 19th Asia-Pacific Network Operations and Management Symp. (APNOMS), Seoul, Korea, 2017, pp. 123128.
    23. 23)
      • 28. ‘LoRaWAN Security’. Accessed: 2018-03-18. Available at https://www.thethingsnetwork.org/docs/lorawan/security.html.
    24. 24)
      • 17. Alharam, A.K., El-Madany, W.: ‘Complexity of cyber security architecture for IoT healthcare industry: a comparative study’. 2017 5th Int. Conf. on Future Internet of Things and Cloud Workshops (FiCloudW), Prague, Czech Republic, 2017, pp. 246250.
    25. 25)
      • 27. Miller, R.: ‘Lora security: building a secure LoRa solution’, MWR Labs Whitepaper, 2016.
    26. 26)
      • 5. Tanczer, L., Brass, I., Elsden, M., et al: ‘The United Kingdom's emerging Internet of Things (IoT) policy landscape’, in Ellis, R., Mohan, V. (Eds.): ‘Rewired: cybersecurity governance’ (Wiley, USA, 2019), pp. 3756.
    27. 27)
      • 1. Index, C.V.N.: ‘Global mobile data traffic forecast update, 2016–2021 white paper’, Cisco, San Jose, CA, USA, 2017.
    28. 28)
      • 10. Constantin, L.: ‘Hackers found 47 new vulnerabilities in 23 IoT devices at DEF CON’, CSO Website, 2016.
    29. 29)
      • 9. Mansfield-Devine, S.: ‘Weaponising the Internet of Things’, Netw. Secur., 2017, 2017, (10), pp. 1319.
    30. 30)
      • 4. Da-Xu, L., He, W., Li, S.: ‘Internet of things in industries: a survey’, IEEE Trans. Ind. Inf., 2014, 10, (4), pp. 22332243.
http://iet.metastore.ingenta.com/content/journals/10.1049/iet-ifs.2019.0447
Loading

Related content

content/journals/10.1049/iet-ifs.2019.0447
pub_keyword,iet_inspecKeyword,pub_concept
6
6
Loading
This is a required field
Please enter a valid email address