Development and Testing of a Real-Time LoRawan Sniffer Based on GNU-Radio

Keywords: Internet of Things, Long Range Wide Area Network, Data Security, Sniffer, GNU-Radio

Abstract

This paper shows the vulnerabilities present in a wireless sensor network implemented over a long-range wide area network (LoRaWAN) LoRaWAN, and identifies possible attacks that could be made to the network using sniffing and/or replay. Attacks on the network were performed by implementing a protocol analyzer (Sniffer) to capture packets. The Sniffer was implemented using the RTL2832U hardware and visualized in Wireshark, through GNU-Radio. Tests showed that data availability and confidentiality could be threatened through replay attacks with LoRa server verification using HackRF One and GNU-Radio hardware. Although the LoRaWAN specification has, frame counters to avoid replay attacks, under given the right conditions, this measure could be violated even deny service to the node on the server.

Author Biographies

Andrés F. Bravo-Montoya, Universidad Distrital Francisco José de Caldas, Colombia

Estudiante de Ingeniería Electrónica, Facultad de ingeniería, Universidad Distrital Francisco José de Caldas, Bogotá-Colombia, afbravom@correo.udistrital.edu.co

Jefersson S. Rondón-Sanabria, Universidad Distrital Francisco José de Caldas, Colombia

Estudiante de Ingeniería Electrónica, Facultad de ingeniería, Universidad Distrital Francisco José de Caldas, Bogotá-Colombia, jsrondons@correo.udistrital.edu.co

Elvis E. Gaona-García*, Universidad Distrital Francisco José de Caldas, Colombia

PhD. en Ingeniería, Universidad Distrital Francisco José de Caldas, Bogotá-Colombia, egaona@udistrital.edu.co

References

M. H. Miraz, M. Ali, P. S. Excell, and R. Picking, “A review on Internet of Things (IoT), Internet of Everything (IoE) and Internet of Nano Things (IoNT),” in 2015 Internet Technologies and Applications (ITA), Wrexham, 2015, pp. 219–224. https://doi.org/10.1109/ITechA.2015.7317398

J. Gubbi, R. Buyya, S. Marusic, and M. Palaniswami, “Internet of Things (IoT): A vision, architectural elements, and future directions,” Futur. Gener. Comput. Syst. vol. 29, no. 7, pp. 1645–1660, Sep. 2013. https://doi.org/10.1016/j.future.2013.01.010

M. Shin, J. Ma, A. Mishra, and W. A. Arbaugh, “Wireless Network Security and Interworking,” Proc. IEEE, vol. 94, no. 2, pp. 455–466, Feb. 2006. https://doi.org/10.1109/JPROC.2005.862322

J. Botero Valencia, L. Castaño Londoño, and D. Marquez Viloria, “Trends in the Internet of Things,” TecnoLógicas, vol. 22, no. 44, pp. I–II, Jan. 2019. https://doi.org/10.22430/22565337.1241

K. Mekki, E. Bajic, F. Chaxel, and F. Meyer, “A comparative study of LPWAN technologies for large-scale IoT deployment,” ICT Express, vol. 5, no. 1, pp. 1–7, Mar. 2019. https://doi.org/10.1016/j.icte.2017.12.005

B. Singh and B. Kaur, “Comparative study of Internet of Things infrastructure and security,” in Global Wireless Submit 2016, Aarhus Denmark, 2016.

S. Serna, “Especificación de Perfil Zigbee para Monitoreo y Control de Plantas Industriales,” TecnoLógicas, no. 23, pp. 167-185, Dec. 2009. https://doi.org/10.22430/22565337.238

Q. Zhou, K. Zheng, L. Hou, J. Xing, and R. Xu, “Design and Implementation of Open LoRa for IoT,” IEEE Access, vol. 7, pp. 100649–100657, Jul. 2019. https://doi.org/10.1109/ACCESS.2019.2930243

S. Cruz-Duarte, P. A. Gaona-Garcia, and E. E. Gaona-Garcia, “Cybersecurity In Microgrids,” in 2018 6th International Conference on Future Internet of Things and Cloud Workshops (FiCloudW), Barcelona, 2018. pp. 7–12. https://doi.org/10.1109/W-FiCloud.2018.00008

I. Lee and K. Lee, “The Internet of Things (IoT): Applications, investments, and challenges for enterprises,” Bus. Horiz., vol. 58, no. 4, pp. 431–440, Jul. 2015. https://doi.org/10.1016/j.bushor.2015.03.008

E. van Es, “LoRaWAN vulnerability analysis:(in) validation of possible vulnerabilities in the LoRaWAN protocol specification.,” Tesis Maestría, Open University of the Netherlands, 2018.

E. Aras, G. S. Ramachandran, P. Lawrence, and D. Hughes, “Exploring the Security Vulnerabilities of LoRa,” in 2017 3rd IEEE International Conference on Cybernetics (CYBCONF), Exeter, 2017, pp. 1- 6.

https://doi.org/10.1109/CYBConf.2017.7985777

M. A. Qadeer, A. Iqbal, M. Zahid, and M. R. Siddiqui, “Network Traffic Analysis and Intrusion Detection Using Packet Sniffer,” in 2010 Second International Conference on Communication Software and Networks, Singapore, 2010, pp.313–317. https://doi.org/10.1109/ICCSN.2010.104

“LoRa Alliance,” LoRaWANTM Specification V1.1, 2015. [En línea] Disponible en:

https://lora-alliance.org/resource-hub/lorawanr-specification-v11

Github, “GitHub - rpp0/gr-lora: GNU Radio blocks for receiving LoRa modulated radio messages using SDR,” GitHub - rpp0/gr-lora: GNU Radio blocks for receiving LoRa modulated radio messages using SDR, 2019.

[En línea] Disponible en: https://github.com/rpp0/gr-lora

X. Yang, “LoRaWAN: Vulnerability Analysis and Practical Exploitation,” Tesis Maestría, Delft University of Technology, 2017. http://resolver.tudelft.nl/uuid:87730790-6166-4424-9d82-8fe815733f1e

How to Cite
Bravo-Montoya, A. F., Rondón-Sanabria, J. S., & Gaona-García, E. E. (2019). Development and Testing of a Real-Time LoRawan Sniffer Based on GNU-Radio. TecnoLógicas, 22(46), 185-194. https://doi.org/10.22430/22565337.1491

Downloads

Download data is not yet available.
Published
2019-09-20
Section
Research Papers