Security Issues of Low Power Wide Area Networks in the Context of LoRa Networks

Low Power Wide Area Networks (LPWAN) have been used to support low cost and mobile bi-directional communications for the Internet of Things (IoT), smart city and a wide range of industrial applications. A primary security concern of LPWAN technology is the attacks that block legitimate communication between nodes resulting in scenarios like loss of packets, delayed packet arrival, and skewed packet reaching the reporting gateway. LoRa (Long Range) is a promising wireless radio access technology that supports long-range communication at low data rates and low power consumption. LoRa is considered as one of the ideal candidates for building LPWANs. We use LoRa as a reference technology to review the IoT security threats on the air and the applicability of different countermeasures that have been adopted so far. LoRa nodes that are close to the gateway use a small SF than the nodes which are far away. But it also implies long in-the-air transmission time, which makes the transmitted packets vulnerable to different kinds of malicious attacks, especially in the physical and the link layer. Therefore, it is not possible to enforce a fixed set of rules for all LoRa nodes since they have different levels of vulnerabilities. Our survey reveals that there is an urgent need for secure and uninterrupted communication between an end-device and the gateway, especially when the threat models are unknown in advance. We explore the traditional countermeasures and find that most of them are ineffective now, such as frequency hopping and spread spectrum methods. In order to adapt to new threats, the emerging countermeasures using game-theoretic approaches and reinforcement machine learning methods can effectively identify threats and dynamically choose the corresponding actions to resist threats, thereby making secured and reliable communications.