Development and Testing of a Real-Time LoRawan Sniffer Based on GNU-Radio
This paper shows the vulnerabilities present in a wireless sensor network implemented over a long-range wide area network (LoRaWAN) LoRaWAN, and identifies possible attacks that could be made to the network using sniffing and/or replay. Attacks on the network were performed by implementing a protocol analyzer (Sniffer) to capture packets. The Sniffer was implemented using the RTL2832U hardware and visualized in Wireshark, through GNU-Radio. Tests showed that data availability and confidentiality could be threatened through replay attacks with LoRa server verification using HackRF One and GNU-Radio hardware. Although the LoRaWAN specification has, frame counters to avoid replay attacks, under given the right conditions, this measure could be violated even deny service to the node on the server.
M. H. Miraz, M. Ali, P. S. Excell, and R. Picking, “A review on Internet of Things (IoT), Internet of Everything (IoE) and Internet of Nano Things (IoNT),” in 2015 Internet Technologies and Applications (ITA), Wrexham, 2015, pp. 219–224. https://doi.org/10.1109/ITechA.2015.7317398
J. Gubbi, R. Buyya, S. Marusic, and M. Palaniswami, “Internet of Things (IoT): A vision, architectural elements, and future directions,” Futur. Gener. Comput. Syst. vol. 29, no. 7, pp. 1645–1660, Sep. 2013. https://doi.org/10.1016/j.future.2013.01.010
M. Shin, J. Ma, A. Mishra, and W. A. Arbaugh, “Wireless Network Security and Interworking,” Proc. IEEE, vol. 94, no. 2, pp. 455–466, Feb. 2006. https://doi.org/10.1109/JPROC.2005.862322
J. Botero Valencia, L. Castaño Londoño, and D. Marquez Viloria, “Trends in the Internet of Things,” TecnoLógicas, vol. 22, no. 44, pp. I–II, Jan. 2019. https://doi.org/10.22430/22565337.1241
K. Mekki, E. Bajic, F. Chaxel, and F. Meyer, “A comparative study of LPWAN technologies for large-scale IoT deployment,” ICT Express, vol. 5, no. 1, pp. 1–7, Mar. 2019. https://doi.org/10.1016/j.icte.2017.12.005
B. Singh and B. Kaur, “Comparative study of Internet of Things infrastructure and security,” in Global Wireless Submit 2016, Aarhus Denmark, 2016.
S. Serna, “Especificación de Perfil Zigbee para Monitoreo y Control de Plantas Industriales,” TecnoLógicas, no. 23, pp. 167-185, Dec. 2009. https://doi.org/10.22430/22565337.238
Q. Zhou, K. Zheng, L. Hou, J. Xing, and R. Xu, “Design and Implementation of Open LoRa for IoT,” IEEE Access, vol. 7, pp. 100649–100657, Jul. 2019. https://doi.org/10.1109/ACCESS.2019.2930243
S. Cruz-Duarte, P. A. Gaona-Garcia, and E. E. Gaona-Garcia, “Cybersecurity In Microgrids,” in 2018 6th International Conference on Future Internet of Things and Cloud Workshops (FiCloudW), Barcelona, 2018. pp. 7–12. https://doi.org/10.1109/W-FiCloud.2018.00008
I. Lee and K. Lee, “The Internet of Things (IoT): Applications, investments, and challenges for enterprises,” Bus. Horiz., vol. 58, no. 4, pp. 431–440, Jul. 2015. https://doi.org/10.1016/j.bushor.2015.03.008
E. van Es, “LoRaWAN vulnerability analysis:(in) validation of possible vulnerabilities in the LoRaWAN protocol specification.,” Tesis Maestría, Open University of the Netherlands, 2018.
E. Aras, G. S. Ramachandran, P. Lawrence, and D. Hughes, “Exploring the Security Vulnerabilities of LoRa,” in 2017 3rd IEEE International Conference on Cybernetics (CYBCONF), Exeter, 2017, pp. 1- 6.
M. A. Qadeer, A. Iqbal, M. Zahid, and M. R. Siddiqui, “Network Traffic Analysis and Intrusion Detection Using Packet Sniffer,” in 2010 Second International Conference on Communication Software and Networks, Singapore, 2010, pp.313–317. https://doi.org/10.1109/ICCSN.2010.104
“LoRa Alliance,” LoRaWANTM Specification V1.1, 2015. [En línea] Disponible en:
Github, “GitHub - rpp0/gr-lora: GNU Radio blocks for receiving LoRa modulated radio messages using SDR,” GitHub - rpp0/gr-lora: GNU Radio blocks for receiving LoRa modulated radio messages using SDR, 2019.
[En línea] Disponible en: https://github.com/rpp0/gr-lora
X. Yang, “LoRaWAN: Vulnerability Analysis and Practical Exploitation,” Tesis Maestría, Delft University of Technology, 2017. http://resolver.tudelft.nl/uuid:87730790-6166-4424-9d82-8fe815733f1e
Copyright (c) 2019 TecnoLógicas
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
The texts published in this magazine, as of June of the year 2018, are under a Creative Commons License "Recognition-Non-Commercial-Share Equal" that allows others: