Low power wide area network (LoRaWAN) protocol has been widely used in various fields.\nWith its rapid development, security issues about the awareness and defense against malicious events\nin the Internet of Things must be taken seriously. Eavesdroppers can exploit the shortcomings\nof the specification and the limited consumption performance of devices to carry out security\nattacks such as replay attacks. In the process of the over-the-air-activation (OTAA) for LoRa\nnodes, attackers can modify the data because the data is transmitted in plain text. If the userâ??s\nroot key is leaked, the wireless sensor network will not be able to prevent malicious nodes from\njoining the network. To solve this security flaw in LoRaWAN, we propose a countermeasure called\nSecure-Packet-Transmission scheme (SPT) which works based on the LoRaWAN standard v1.1 to\nprevent replay attacks when an attacker has obtained the root key. The proposed scheme redefines\nthe format of join-request packet, add the new One Time Password (OTP) encrypted method and\nchanges the transmission strategy in OTAA between LoRa nodes and network server. The security\nevaluation by using the Burrows-Abadi-Needham logic (BAN Logic) and the Scyther shows that\nthe security goal can be achieved. This paper also conducts extensive experiments by simulations\nand a testbed to perform feasibility and performance analysis. All results demonstrate that SPT is\nlightweight, efficient and able to defend against malicious behavior.
Loading....