Impact of Reactive Jamming Attacks on LoRaWAN: a Theoretical and Experimental Study
Amavi Dossa, Andreas Burg, El Mehdi Amhoud
TL;DR
This work addresses the vulnerability of LoRaWAN to reactive jamming attacks that require minimal jammer exposure time. It develops a theoretical framework that derives frame success probabilities under synchronized, non-synchronized, and repeated-symbol jamming, and validates these results with an SDR-based GNU Radio jammer for controlled experiments, demonstrating that a small number of symbols can significantly disrupt communication. The key contributions include analytical expressions for $P_{sync}(n_s)$, $P_{nosync}(n_s,\tau)$, and $P_{rep}(n_s,\tau)$, a comparative analysis of jamming strategies, and experimental confirmation of the theoretical predictions. The findings underscore the practical risk and motivate the development of stealthy preambles or other PHY-layer defenses to preserve LoRaWAN resilience in adversarial environments.
Abstract
This paper investigates the impact of reactive jamming on LoRaWAN networks, focusing on showing that LoRaWAN communications can be effectively disrupted with minimal jammer exposure time. The susceptibility of LoRa to jamming is assessed through a theoretical study of how the frame success rate is impacted by only a few jamming symbols. Different jamming approaches are studied, among which repeated-symbol jamming appears to be the most disruptive, with sufficient jamming power. A key contribution of this work is the proposal of a software-defined radio (SDR)-based jamming approach implemented on GNU Radio that generates a controlled number of random symbols, independent of the standard LoRa frame structure. This approach enables precise control over jammer exposure time and provides flexibility in studying the effect of jamming symbols on network performance. The theoretical analysis is validated through experimental results, where the implemented jammer is used to assess the impact of jamming under various configurations. Our findings demonstrate that LoRa-based networks can be disrupted with a minimal number of symbols, emphasizing the need for future research on stealthy communication techniques to counter such jamming attacks.