LoRaWAN attack in military use case
Georges Derache, Mounira Msahli, Aurelien Botbol, Fabien Romain, Jerome Champlon, Gauthier Canet
TL;DR
The paper investigates security vulnerabilities in LoRaWAN used for military asset tracking by simulating sniffing and replay attacks in a minimal LoRaWAN testbed. It implements eavesdropping of unencrypted join requests and replay of frames using HackRF, TTN, and off-the-shelf hardware to demonstrate potential data leakage and disruption vectors. Key findings show that join requests reveal distinct metadata (eui, devnonce, data rate, frequency, timestamps, RSSI, SNR) that can enable inference, while replayed frames can trigger deauthentication on non-TTN networks, highlighting practical attack paths. The work emphasizes the need for offensive security validation in defense IoT deployments and suggests extending experiments to more devices, distances, timing, and potential DDoS-like scenarios.
Abstract
The importance of the development of IoT and LoRaWAN in military applications has been widely established. Since security is one of its important challenges, in this paper we study two attacks scenarios: replay and sniff attacks on military LoRaWAN network. The aim is to highlight cybersecurity threats that must be taken into consideration when using such technology in critical context.