Pospisil, O.; Fujdiak, R.; Mikhaylov, K.; Ruotsalainen, H.; Misurec, J. Testbed for LoRaWAN Security: Design and Validation through Man-in-the-Middle Attacks Study. Appl. Sci. 2021, 11, 7642. https://doi.org/10.3390/app11167642
Testbed for LoRaWAN security : design and validation through man-in-the-middle attacks study
|Author:||Pospisil, Ondrej1; Fujdiak, Radek1; Mikhaylov, Konstantin2;|
1Department of Telecommunications, Faculty of Electrical Engineering and Communication, Brno University of Technology, Technicka 12, 61600 Brno, Czech Republic
2Centre for Wireless Communications, University of Oulu, Erkki Koiso-Kanttilan katu 3, 90014 Oulu, Finland
3Institute of IT Security Research, St. Pölten University of Applied Sciences, Campus-Platz 1, 3100 St. Pölten, Austria
|Online Access:||PDF Full Text (PDF, 9.8 MB)|
|Persistent link:|| http://urn.fi/urn:nbn:fi-fe2021082744482
Multidisciplinary Digital Publishing Institute,
|Publish Date:|| 2021-08-27
The low-power wide-area (LPWA) technologies, which enable cost and energy-efficient wireless connectivity for massive deployments of autonomous machines, have enabled and boosted the development of many new Internet of things (IoT) applications; however, the security of LPWA technologies in general, and specifically those operating in the license-free frequency bands, have received somewhat limited attention so far. This paper focuses specifically on the security and privacy aspects of one of the most popular license-free-band LPWA technologies, which is named LoRaWAN. The paper’s key contributions are the details of the design and experimental validation of a security-focused testbed, based on the combination of software-defined radio (SDR) and GNU Radio software with a standalone LoRaWAN transceiver. By implementing the two practical man-in-the-middle attacks (i.e., the replay and bit-flipping attacks through intercepting the over-the-air activation procedure by an external to the network attacker device), we demonstrate that the developed testbed enables practical experiments for on-air security in real-life conditions. This makes the designed testbed perspective for validating the novel security solutions and approaches and draws attention to some of the relevant security challenges extant in LoRaWAN.
|Type of Publication:||
A1 Journal article – refereed
|Field of Science:||
213 Electronic, automation and communications engineering, electronics
The research was funded by the Technology Agency of the Czech Republic under Grant reg. No. TK02030013. The work of K.M. was also supported by the Academy of Finland 6Genesis Flagship under Grant No. 318927.
|Academy of Finland Grant Number:||
318927 (Academy of Finland Funding decision)
© 2021 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).