| 1. |
- Mohamed, Ali, et al.
(author)
-
Enhancing Cyber Security of LoRaWAN Gateways under Adversarial Attacks
- 2022
-
In: Sensors. - : MDPI AG. - 1424-8220. ; 22:9
-
Journal article (peer-reviewed)abstract
- The Internet of Things (IoT) has disrupted the IT landscape drastically, and Long Range Wide Area Network (LoRaWAN) is one specification that enables these IoT devices to have access to the Internet. Former security analyses have suggested that the gateways in LoRaWAN in their current state are susceptible to a wide variety of malicious attacks, which can be notoriously difficult to mitigate since gateways are seen as obedient relays by design. These attacks, if not addressed, can cause malfunctions and loss of efficiency in the network traffic. As a solution to this unique problem, this paper presents a novel certificate authentication technique that enhances the cyber security of gateways in the LoRaWAN network. The proposed technique considers a public key infrastructure (PKI) solution that considers a two-tier certificate authority (CA) setup, such as a root-CA and intermediate-CA. This solution is promising, as the simulation results validate that about 66.67% of the packets that are arriving from an illegitimate gateway (GW) are discarded in our implemented secure and reliable solution.
|
|
| 2. |
- Qadir, Junaid, et al.
(author)
-
Mitigating Cyber Attacks in LoRaWAN via Lightweight Secure Key Management Scheme
- 2023
-
In: IEEE Access. - : Institute of Electrical and Electronics Engineers (IEEE). - 2169-3536. ; 11, s. 68301-68315
-
Journal article (peer-reviewed)abstract
- Owing to the geographically scattered end devices (EDs) in long-range wide area networks (LoRaWAN), devices that combat challenging cyber threats and attacks are of critical significance. In this perspective, LoRa Alliance((R)) is continuously evolving the security of LoRaWAN and recently introduced a new version i.e., LoRaWAN 1.1x that is featured with security improvement. However, the wireless nature of LoRaWAN implementation still leaves it vulnerable to security breaches that compromise its integrity. Several problems have been pinpointed in the newer version such as one issue with key distribution in LoRaWAN 1.1 is that the keys are often pre-installed on the devices at the time of manufacturing. It can introduce security risks if the keys are not adequately protected or if the devices are compromised before they are deployed. In other words, the pre-installed keys may not be updated regularly, which can also introduce security risks. Thus, the keys need to be handled securely to maintain the security of the network and the over-the-air firmware updates feature could introduce new security challenges for the key distribution. This paper presents a key generation and distribution (KGD) mechanism that securely exchanges the root key between the ED and the application server (AS). The KGD protocol provides authentication by integrating Advanced Encryption Standard (AES-128) in addition to a secure hash function known as Argon2. The proposed protocol utilizes Elliptic-Curve Diffie-Hellman (ECDH) key exchange method that makes the protocol resilient to cyber threats. The ECDH algorithm exchanges the keys on the insecure channels and is, therefore, vulnerable to Man-in-the-Middle (MITM) attacks in the network. Therefore, to validate the key agreement and avoid adversaries, the KGD protocol considers the Elliptic Curve Digital Signature Algorithm (ECDSA) that authenticates and allows legitimate instances in the network. In last, a formal security analysis using the Scyther tool validates the security enhancement of the KGD protocol.
|
|
| 3. |
- Qadir, Junaid, et al.
(author)
-
Review of Security Vulnerabilities in LoRaWAN
- 2023
-
In: Applications in Electronics Pervading Industry, Environment and Society - APPLEPIES 2022. - : Springer Nature. ; , s. 248-254
-
Conference paper (peer-reviewed)abstract
- The realm of Low Power Wide Area Network (LPWAN) has a paramount influence on the way we work and live. For instance, real-time applications and rapid packet transiting for long-range have now come into practice that was previously considered mysterious. However, euphoria becomes a problem when it comes to security considerations, as low-power devices possess limited processing units that are unable to elucidate robust security algorithms. In this case, the Low Power Wide Area Network (LoRaWAN) stepped into a technological competition that filled the gap by adopting the end-to-end security feature. Though, LoRaWAN protocol entails fundamental security requirements but the implementation matters. This paper presents security analyses in the LoRaWAN networks. In addition, we provide a bibliometric overview of security considerations in LoRaWAN that helps researchers for thorough insights and implementation.
|
|
| 4. |
- Qadir, Junaid, et al.
(author)
-
Towards Smart Sensing Systems : A New Approach to Environmental Monitoring Systems by Using LoRaWAN
- 2022
-
In: IEEE Zooming Innovation in Consumer Electronics International Conference 2022 (ZINC 2022). - Novi Sad, Serbia : Institute of Electrical and Electronics Engineers Inc..
-
Conference paper (peer-reviewed)abstract
- The proliferation of monitoring in unpredictableenvironments has aided the world in solving challenges that werepreviously thought to be insurmountable. Drastic advancementhas been pinpointed in the way we live, work, and play; however,the data odyssey has yet started. From sensing to monitoring,the endless possibility enabled by LoRa, the long-range lowpower solution has made its mark on the technological world.With the adoption of the LoRaWAN, the long-range low powerwide area network has appeared in existence to cope with theconstraints associated with the Internet of Things (IoT) infrastructure. This paper presents a practical experiment for sensingthe environmental condition using the LoRaWAN solution. Theproposed work allows the users to check the environmentaleffects (temperature, and humidity) online. Furthermore, thesignal behavior has been recorded and cross-verified by usingMATLAB software implementation.
|
|
