Energy attack in Lorawan : experimental validation
Mikhaylov, Konstantin; Fujdiak, Radek; Pouttu, Ari; Miroslav, Voznak; Malina, Lukas; Mlynek, Petr (2019-08-31)
Konstantin Mikhaylov, Radek Fujdiak, Ari Pouttu, Voznak Miroslav, Lukas Malina, and Petr Mlynek. 2019. Energy Attack in LoRaWAN: Experimental Validation. In Proceedings of the 14th International Conference on Availability, Reliability and Security (ARES ’19). Association for Computing Machinery, New York, NY, USA, Article 74, 1–6. DOI: https://doi.org/10.1145/3339252.3340525
© 2019 Copyright held by the owner/author(s). Publication rights licensed to ACM. This is the author's version of the work. It is posted here for your personal use. Not for redistribution. The definitive Version of Record was published in 14th International Conference on Availability, Reliability and Security, ARES 2019, https://doi.org/10.1145/3339252.3340525.
Myriads of new devices take their places around us every single day, making a decisive step towards bringing the concept of the Internet of Things (IoT) in reality. The Low Power Wide Area Networks (LPWANs) are today considered to be one of the most perspective connectivity enablers for the resource and traffic limited IoT. In this paper, we focus on one of the most widely used LPWAN technologies, named LoRaWAN. Departing from the traditional data-focused security attacks, in this study we investigate the robustness of LoRaWAN against energy (depletion) attacks. For many IoT devices, the energy is a limited and very valuable resource, and thus in the near future the device’s energy may become the target of an intentional attack. Therefore, in the paper, we first define and discuss the possible energy attack vectors, and then experimentally validate the feasibility of an energy attack over one of these vectors. Our results decisively show that energy attacks in LoRaWAN are possible and may cause the affected device to lose a substantial amount of energy. Specifically, depending on the device’s SF (Spreading Factor), the demonstrated attack increased the total energy consumption during a single communication event 36% to 576%. Importantly, the shown attack does not require the attacker to have any keys or other confidential data and can be carried against any LoRaWAN device. The presented results emphasize the importance of energy security for LPWANs in particular, and IoT in general.
- Avoin saatavuus