Έρευνα ασφάλειας σε δίκτυα LoRaWAN : θέματα, απειλές και πιθανές τεχνικές μετρίασης
Security research in LoRaWAN networks : issues, threats, and potential mitigation techniques
View/ Open
Keywords
Internet of Things ; Low Power Wide Area Networks ; LoRa technology ; LR-FHSS technology ; LoRaWAN standard ; LoRaWAN applications ; LoRaWAN security analysis ; LoRaWAN risk assessment ; LoRaWAN risk management ; LoRaWAN best practices ; Διαδίκτυο των Πραγμάτων ; Δίκτυα Χαμηλής Ισχύος και Ευρείας Περιοχής ; Τεχνολογία LoRa ; Τεχνολογία LR-FHSS ; Πρότυπο LoRaWAN ; Εφαρμογές LoRaWAN ; Ασφάλεια LoRaWAN ; Ευπάθειες LoRaWAN ; Επιθέσεις LoRaWAN ; Μέτρα αντιμετώπισης LoRaWAN ; Αξιολόγηση κινδύνου LoRaWAN ; Διαχείριση κινδύνου LoRaWAN ; Βέλτιστες πρακτικές LoRaWANAbstract
The Internet of Things is essentially a large cyber-physical space consisting of millions of interconnected networks, billions of smart devices and multiple digital technologies such as Artificial Intelligence, Cloud and Big Data. However, the high heterogeneity of smart devices, combined with the incredibly high energy consumption and the high cost of implementing and developing an intelligent IoT solution, have made the adoption of this advanced technology extremely slow and created trust problems for shareholders and start-ups. To address these issues, Low Power and Wide Area technologies have been developed to create Massive IoT solutions in the domains of Smart Agriculture, Smart Industry, Smart Cities and Smart Utilities. One of these technologies is LoRaWAN which exists internationally, as the leading open standard for secure connectivity of modern sensor networks with excellent features and benefits, such as high range, low energy consumption, large capacity, guaranteed interoperability with hybrid networks, as well as a secure E2E communication through AES128 encryption. Of course, the latter is valid under specific limitations, i.e. while the LoRaWAN standard provides built-in mechanisms to deal with replay, spoofing and eavesdropping attacks, the academic and research community have come to completely different results, especially for the initial versions of the specification. Therefore, in this Master's Thesis, a comprehensive security analysis of the LoRaWAN protocol and the corresponding networks is carried out, where all the identified vulnerabilities and threats are given with corresponding countermeasures, as well as a well-defined Risk Assessment and Management study is given.