miun.sePublications
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Security Risk Analysis of LoRaWAN and Future Directions
Mid Sweden University, Faculty of Science, Technology and Media, Department of Information Systems and Technology.ORCID iD: 0000-0002-1723-5741
School of Engineering (DEI/ISEP), Polytechnic of Porto (IPP), 4200-072 Porto, Portugal.ORCID iD: 0000-0001-6370-9373
Mid Sweden University, Faculty of Science, Technology and Media, Department of Information Systems and Technology.ORCID iD: 0000-0003-0873-7827
2019 (English)In: Future Internet, ISSN 1999-5903, E-ISSN 1999-5903, Vol. 11, no 1, article id 3Article in journal (Refereed) Published
Abstract [en]

LoRa (along with its upper layers definition—LoRaWAN) is one of the most promising Low Power Wide Area Network (LPWAN) technologies for implementing Internet of Things (IoT)-based applications. Although being a popular technology, several works in the literature have revealed vulnerabilities and risks regarding the security of LoRaWAN v1.0 (the official 1st specification draft). The LoRa-Alliance has built upon these findings and introduced several improvements in the security and architecture of LoRa. The result of these efforts resulted in LoRaWAN v1.1, released on 11 October 2017. This work aims at reviewing and clarifying the security aspects of LoRaWAN v1.1. By following ETSI guidelines, we provide a comprehensive Security Risk Analysisof the protocol and discuss several remedies to the security risks described. A threat catalog is presented, along with discussions and analysis in view of the scale, impact, and likelihood of each threat. To the best of the authors’ knowledge, this work is one of the first of its kind, by providing a detailed security risk analysis related to the latest version of LoRaWAN. Our analysis highlights important practical threats, such as end-device physical capture, rogue gateway and self-replay, which require particular attention by developers and organizations implementing LoRa networks.

Place, publisher, year, edition, pages
2019. Vol. 11, no 1, article id 3
Keywords [en]
internet of things, sensor node, LPWAN, attacks, threats, vulnerabilities, IoT, analysis, risk, assessment, low power, LoRa, v1.1
National Category
Engineering and Technology
Identifiers
URN: urn:nbn:se:miun:diva-35663DOI: 10.3390/fi11010003ISI: 000457221400002Scopus ID: 2-s2.0-85060234829OAI: oai:DiVA.org:miun-35663DiVA, id: diva2:1290066
Projects
SMART (Smarta system och tjänster för ett effektivt och innovativt samhälle)Available from: 2019-02-19 Created: 2019-02-19 Last updated: 2019-09-09Bibliographically approved

Open Access in DiVA

fulltext(1111 kB)148 downloads
File information
File name FULLTEXT01.pdfFile size 1111 kBChecksum SHA-512
a7b835b53f6873f32b36693535e6c73195f9578f4987cbdc3c2bc50d503dadbd56ac2f2828084c7ce5154eca85e5c0140210d7995449f33709cc735510c207fa
Type fulltextMimetype application/pdf

Other links

Publisher's full textScopus

Authority records BETA

Butun, IsmailGidlund, Mikael

Search in DiVA

By author/editor
Butun, IsmailPereira, NunoGidlund, Mikael
By organisation
Department of Information Systems and Technology
In the same journal
Future Internet
Engineering and Technology

Search outside of DiVA

GoogleGoogle Scholar
Total: 148 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

doi
urn-nbn

Altmetric score

doi
urn-nbn
Total: 179 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf