Print Email Facebook Twitter LoRaWAN: Vulnerability Analysis and Practical Expoitation Title LoRaWAN: Vulnerability Analysis and Practical Expoitation Author Yang, Xueying (TU Delft Electrical Engineering, Mathematics and Computer Science) Contributor Kuipers, Fernando (mentor) Karampatzakis, Evgenios (mentor) Doerr, Christian (graduation committee) Degree granting institution Delft University of Technology Date 2017-07-28 Abstract Internet of Things (IoT) applications nowadays have a wide impact on people’s daily life while the size of IoT has been increasing rapidly. Millions of devices huge amount of data and different kinds of new protocols can bring many security issues.LoRaWAN is a MAC layer protocol for long-range low-power communication dedicated to the IoT. It can be used to transmit messages between IoT end devices and gateways. However, since the development of LoRaWAN is still at an early stage, the security level of the protocol is not well developed, and the need for analyzing and developing the security level of LoRaWAN is necessary and urgent.This research summarizes the secure features of LoRaWAN in the aspects of activation methods, key management, cryptography, counter management and message acknowledgement. Then, vulnerabilities of LoRaWAN are found and analyzed. 4 Attacksbased on these vulnerabilities are designed and described via an attack tree method. These attacks are (1) replay attack, (2) eavesdropping, (3) bit flipping and (4) ACK spoofing. As a poof-of-concept, the attacks are implemented and executed in a LoRaWAN environment. Afterwards, mitigation and secure solutions against attacks are given to protect the security of LoRaWAN networks.The result of this research can be used in developing the security level of LoRaWAN protocol and setting the standard criteria for evaluating security of LoRaWAN devices. Subject LoRaWANSecurityInternet of Things To reference this document use: http://resolver.tudelft.nl/uuid:87730790-6166-4424-9d82-8fe815733f1e Part of collection Student theses Document type master thesis Rights © 2017 Xueying Yang Files PDF Thesis_Xueying.pdf 5.55 MB Close viewer /islandora/object/uuid:87730790-6166-4424-9d82-8fe815733f1e/datastream/OBJ/view