ABSTRACT
In LoRaWAN networks, devices are identified by two identifiers: a globally unique and stable one called DevEUI, and an ephemeral and randomly assigned pseudonym called DevAddr. The association between those identifiers is only known by the network and join servers, and is not available to a passive eavesdropper.
In this work, we consider the problem of linking the DevAddr with the corresponding DevAddr based on passive observation of the LoRa traffic transmitted over the air. Leveraging metadata exposed in LoRa frames, we devise a technique to link two messages containing respectively the DevEUI and the DevAddr, thus identifying the link between those identifiers. The approach is based on machine learning algorithms using various pieces of information including timing, signal strength, and fields of the frames. Based on an evaluation using a real-world dataset of 11 million messages, with ground truth available, we show that multiple machine learning models are able to reliably link those identifiers. The best of them achieves an impressive true positive rate of over 0.8 and a false positive rate of 0.001.
- Abbas Acar, Hossein Fereidooni, Tigist Abera, Amit Kumar Sikder, Markus Miettinen, Hidayet Aksu, Mauro Conti, Ahmad-Reza Sadeghi, and Selcuk Uluagac. 2020. Peek-a-Boo: i See Your Smart Home Activities, Even Encrypted!. In Proceedings of the 13th ACM Conference on Security and Privacy in Wireless and Mobile Networks. ACM. https://doi.org/10.1145/3395351.3399421Google ScholarDigital Library
- Lucas Ancian and Mathieu Cunche. 2020. Re-identifying addresses in LoRaWAN networks. Unpublished Research Report. Inria Rhône-Alpes; INSA de Lyon. https://hal.inria.fr/hal-02926894Google Scholar
- Noah Apthorpe, Danny Yuxing Huang, Dillon Reisman, Arvind Narayanan, and Nick Feamster. 2019. Keeping the Smart Home Private with Smart(er) IoT Traffic Shaping. Proceedings on Privacy Enhancing Technologies, Vol. 2019, 3 (July 2019), 128--148. https://doi.org/10.2478/popets-2019-0040Google ScholarCross Ref
- Emekcan Aras, Nicolas Small, Gowri Sankar Ramachandran, Stéphane Delbruel, Wouter Joosen, and Danny Hughes. 2017Selective Jamming of LoRaWAN using Commodity Hardware. In Proceedings of the 14th EAI International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services. ACM, 363--372. https://doi.org/10.1145/3144457.3144478Google ScholarDigital Library
- Johannes K Becker, David Li, and David Starobinski. 2019. Tracking Anonymized Bluetooth Devices. Proceedings on Privacy Enhancing Technologies, Vol. 2019, 3 (July 2019), 50--65. https://doi.org/10.2478/popets-2019-0036Google ScholarCross Ref
- Davide Chicco and Giuseppe Jurman. 2020. The Advantages of the Matthews Correlation Coefficient (MCC ) over F1 Score and Accuracy in Binary Classification Evaluation. BMC Genomics, Vol. 21, 1 (Dec. 2020), 6. https://doi.org/10.1186/s12864-019-6413-7Google ScholarCross Ref
- LoRa Alliance Technical Committee. 2017. LoRaWAN ® Specification v1.1.Google Scholar
- Bogdan Copos, Karl Levitt, Matt Bishop, and Jeff Rowe. 2016. Is Anybody Home? Inferring Activity From Smart Home Network Traffic. In 2016 IEEE Security and Privacy Workshops (SPW). IEEE, 245--251. https://doi.org/10.1109/SPW.2016.48Google Scholar
- Rachel L. Finn, David Wright, and Michael Friedewald. 2013. Seven Types of Privacy. In European Data Protection: Coming of Age. https://doi.org/10.1007/978-94-007-5170-5_1Google Scholar
- Dalton A. Hahn, Arslan Munir, and Vahid Behzadan. 2021. Security and Privacy Issues in Intelligent Transportation Systems: Classification and Challenges. IEEE Intell. Transp. Syst. Mag., Vol. 13, 1 (2021), 181--196.Google ScholarCross Ref
- Jetmir Haxhibeqiri, Eli De Poorter, Ingrid Moerman, and Jeroen Hoebeke. 2018. A Survey of LoRaWAN for IoT: From Technology to Application. Sensors, Vol. 18, 11 (Nov. 2018), 3995. https://doi.org/10.3390/s18113995Google ScholarCross Ref
- Guolin Ke, Qi Meng, Thomas Finley, Taifeng Wang, Wei Chen, Weidong Ma, Qiwei Ye, and Tie-Yan Liu. 2017. Lightgbm: A Highly Efficient Gradient Boosting Decision Tree. Advances in neural information processing systems, Vol. 30 (2017), 3146--3154.Google Scholar
- Ron Kohavi. 1995. A Study of Cross-Validation and Bootstrap for Accuracy Estimation and Model Selection. In Ijcai, Vol. 14. 1137--1145.Google ScholarDigital Library
- Patrick Leu, Ivan Puddu, Aanjhan Ranganathan, and Srdjan Čpkun. 2018. I Send, Therefore I Leak: Information Leakage in Low-Power Wide Area Networks. In Proceedings of the 11th ACM Conference on Security & Privacy in Wireless and Mobile Networks - WiSec '18. https://doi.org/10.1145/3212480.3212508Google ScholarDigital Library
- Norbert Ludant, Tien D. Vo-Huu, Sashank Narain, and Guevara Noubir. 2021. Linking Bluetooth LE & Classic and Implications for Privacy-Preserving Bluetooth-Based Protocols. In 2021 IEEE Symposium on Security and Privacy (SP). IEEE, 1318--1331. https://doi.org/10.1109/SP40001.2021.00102Google Scholar
- Jeremy Martin, Erik Rye, and Robert Beverly. 2016. Decomposition of MAC address structure for granular device inference. In Proceedings of the 32nd Annual Conference on Computer Security Applications. ACM, 78--88. https://doi.org/10.1145/2991079.2991098Google ScholarDigital Library
- F. Pedregosa, G. Varoquaux, A. Gramfort, V. Michel, B. Thirion, O. Grisel, M. Blondel, P. Prettenhofer, R. Weiss, V. Dubourg, J. Vanderplas, A. Passos, D. Cournapeau, M. Brucher, M. Perrot, and E. Duchesnay. 2011. Scikit-learn: Machine Learning in Python. Journal of Machine Learning Research, Vol. 12 (2011), 2825--2830.Google ScholarDigital Library
- Toni Perković, Hrvoje Rude?, Slaven Damjanović, and Antun Nakić. 2021. Low-Cost Implementation of Reactive Jammer on LoRaWAN Network. Electronics, Vol. 10, 7 (April 2021), 864. https://doi.org/10.3390/electronics10070864Google ScholarCross Ref
- Pieter Robyns, Eduard Marin, Wim Lamotte, Peter Quax, Dave Singelée, and Bart Preneel. 2017. Physical-Layer Fingerprinting of LoRa Devices Using Supervised and Zero-Shot Learning. In Proceedings of the 10th ACM Conference on Security and Privacy in Wireless and Mobile Networks. ACM, 58--63. https://doi.org/10.1145/3098243.3098267Google ScholarDigital Library
- Juan D. Rodriguez, Aritz Perez, and Jose A. Lozano. 2009. Sensitivity Analysis of K-Fold Cross Validation in Prediction Error Estimation. IEEE transactions on pattern analysis and machine intelligence, Vol. 32, 3 (2009), 569--575.Google Scholar
- Pietro Spadaccino, Domenico Garlisi, Francesca Cuomo, Giorgio Pillon, and Patrizio Pisani. 2021. Discovery Privacy Threats via Device De-Anonymization in LoRaWAN. In 19th Mediterranean Communication and Computer Networking Conference. 1--8. https://doi.org/10.1109/MedComNet52149.2021.9501247Google ScholarCross Ref
- Nuno Torres, Pedro Pinto, and Sérgio Ivan Lopes. 2021. Security Vulnerabilities in LPWANs -- An Attack Vector Analysis for the IoT Ecosystem. Applied Sciences, Vol. 11, 7 (Jan. 2021), 3176. https://doi.org/10.3390/app11073176Google ScholarCross Ref
- Mathy Vanhoef, Célestin Matte, Mathieu Cunche, Leonardo S. Cardoso, and Frank Piessens. 2016. Why MAC Address Randomization is Not Enough: An Analysis of Wi-Fi Network Discovery Mechanisms. In Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security (ASIA CCS '16). ACM, 413--424. https://doi.org/10.1145/2897845.2897883Google ScholarDigital Library
- Sanjay Yadav and Sanyam Shukla. 2016. Analysis of K-Fold Cross-Validation over Hold-out Validation on Colossal Datasets for Quality Classification. In 2016 IEEE 6th International Conference on Advanced Computing (IACC ). IEEE, 78--83.Google ScholarCross Ref
Index Terms
- Device Re-identification in LoRaWAN through Messages Linkage
Recommendations
When LoRaWAN Frames Collide
WiNTECH '18: Proceedings of the 12th International Workshop on Wireless Network Testbeds, Experimental Evaluation & CharacterizationLoRa, an abbreviation of Long Range, is a Low-Power Wide Area Network (LPWAN) radio technology that has quickly gained popularity as a communications means for the Internet-of-Things (IoT). LoRa is typically used together with the MAC protocol LoRaWAN ...
LoRaWAN SCHC Fragmentation Demystified
Ad-Hoc, Mobile, and Wireless NetworksAbstractLow Power Wide Area Networks (LPWANs) have emerged as new networks for Internet of Things (IoT). LPWANs are characterized by long-range communications and low energy consumption. Furthermore, LPWAN technologies have a small data unit and do not ...
On the Performance of LoRaWAN in Smart City: End-Device Design and Communication Coverage
Distributed Computer and Communication NetworksAbstractExpected communication scenarios within the emerging landscape of Internet of Things (IoT) bring the growth of smart devices connected in the communication network. The communication technologies of greatest interest for IoT are known as Low-Power ...
Comments