Man in the Middle Attack Mitigation in LoRaWAN
John C. Thomas, Season Cherian, S Smitha Chandran, Vipin Pavithran
Abstract
LoRaWAN is a protocol for wireless communication related to the Internet of Things (IoT), that belongs to the Low Power Wide Area Network (LPWAN) protocol family. LoRa technology is used for communication to long distances at a low cost of power consumption. This protocol is able to transfer tiny amounts or a few bytes of data over the network effectively at a regular time interval. Several previous works focus on the performance analysis compared to the security of the protocol. LoRaWAN v1.1 has been significant development to the protocol definition and some new security-related features and improvements. But, some vulnerability still exists in the previous version has not been mitigated. This project paper discusses in detail about the Man in the Middle (MitM) attack taking place in LoRaWAN physical layer during the encrypted communication between two peer modules over the wireless network. The attacker is able to capture, analyse, decode and modify the data (payload). As a proof of concept, the attack is carried out on a controlled LoRaWAN environment using the testbed. A novel mitigation technique is proposed against the attack by a GCM cryptographic algorithm implementation so that the attacks can be mitigated. Finally, the mitigation technique is implemented, tested and the results are presented.