Povalac Ales, Kral Jan, Arthaber Holger, Kolar Ondrej, Novak Marek
Faculty of Electrical Engineering and Communication, Brno University of Technology, Technicka 12, 61600 Brno, Czech Republic.
Institute of Electrodynamics, Microwave and Circuit Engineering, TU Wien, Gusshausstrasse 25/354, 1040 Vienna, Austria.
Sensors (Basel). 2023 Aug 22;23(17):7333. doi: 10.3390/s23177333.
In the past decade, Long-Range Wide-Area Network (LoRaWAN) has emerged as one of the most widely adopted Low Power Wide Area Network (LPWAN) standards. Significant efforts have been devoted to optimizing the operation of this network. However, research in this domain heavily relies on simulations and demands high-quality real-world traffic data. To address this need, we monitored and analyzed LoRaWAN traffic in four European cities, making the obtained data and post-processing scripts publicly available. For monitoring purposes, we developed an open-source sniffer capable of capturing all LoRaWAN communication within the EU868 band. Our analysis discovered significant issues in current LoRaWAN deployments, including violations of fundamental security principles, such as the use of default and exposed encryption keys, potential breaches of spectrum regulations including duty cycle violations, SyncWord issues, and misaligned Class-B beacons. This misalignment can render Class-B unusable, as the beacons cannot be validated. Furthermore, we enhanced Wireshark's LoRaWAN protocol dissector to accurately decode recorded traffic. Additionally, we proposed the passive reception of Class-B beacons as an alternative timebase source for devices operating within LoRaWAN coverage under the assumption that the issue of misaligned beacons can be addressed or mitigated in the future. The identified issues and the published dataset can serve as valuable resources for researchers simulating real-world traffic and for the LoRaWAN Alliance to enhance the standard to facilitate more reliable Class-B communication.