Protecting Gateway from ABP Replay Attack on LoRaWAN

  • Erik GresakEmail author
  • Miroslav Voznak
Conference paper
Part of the Lecture Notes in Electrical Engineering book series (LNEE, volume 554)


This paper discusses the problem of replay attacks with the ABP (Activation By Personalisation) authentication method on the LoRaWAN infrastructure and proposes effective gateway protection. To solve the problem, an experiment is replicated that simulates the attacker and is embedded in a real infrastructure environment. Subsequently, a detector is proposed and implemented based on knowledge of attacker’s steps. The paper brings a proposed and verified detection algorithm that is implemented directly on the gate with an attack incident report. The aim of this approach is to prevent server-side spoofing and dosing attack on the end-device.


LoRaWAN LoRA Replay attack ABP Detection Internet of Things IoT LPWAN 



This work was supported by the Secure Gateway for Internet of Things (SIoT) project No. VI20172020079 funded by the Ministry of the Interior of the Czech Republic and partially by the project Networks and Telecommunications Technologies for Smart Cities under SGS Grant SP2018/59 conducted by the VSB-Technical University of Ostrava, Czech Republic.


  1. 1.
    Gubbi, J., Buyya, R., Marusic, S., Palaniswami, M.: Internet of Things (IoT): a vision, architectural elements, and future directions. Future Gener. Comput. Syst. 29(7), 1645–1660 (2013)CrossRefGoogle Scholar
  2. 2.
    Miorandi, D., Sicari, S., De Pellegrini, F., Chlamtac, I.: Internet of Things: vision, applications and research challenges. Ad Hoc Netw. 10(7), 1497–1516 (2012)CrossRefGoogle Scholar
  3. 3.
    Al-Fuqaha, A., Guizani, M., Mohammadi, M., Aledhari, M., Ayyash, M.: Internet of Things: a survey on enabling technologies, protocols, and applications. IEEE Commun. Surv. Tutor. 17(4), 2347–2376 (2015)CrossRefGoogle Scholar
  4. 4.
    Stankovic, J.A.: Research directions for the Internet of Things. IEEE Internet Things J. 1(1), 3–9 (2014). Article no. 6774858MathSciNetCrossRefGoogle Scholar
  5. 5.
    Bandyopadhyay, D., Sen, J.: Internet of Things: applications and challenges in technology and standardization. Wirel. Pers. Commun. 58(1), 49–69 (2011)CrossRefGoogle Scholar
  6. 6.
    Na, S., Hwang, D., Shin, W., Kim, K.-H.: Scenario and countermeasure for replay attack using join request messages in LoRaWAN. In: 2017 International Conference on Information Networking (ICOIN), pp. 718–720. IEEE (2017)., Accessed 31 July 2018. ISBN 978-1-5090-5124-3
  7. 7.
    Tomasin, S., Zulian, S., Vangelista, L.: Security analysis of LoRaWAN join procedure for Internet of Things networks. In: 2017 IEEE Wireless Communications and Networking Conference Workshops (WCNCW), pp. 1–6. IEEE (2017)., Accessed 31 July 2018. ISBN 978-1-5090-5908-9
  8. 8.
    Sung, W.-J., Ahn, H.-G., Kim, J.-B., Choi, S.-G.: Protecting end-device from replay attack on LoRaWAN. In: 2018 20th International Conference on Advanced Communication Technology (ICACT), pp. 167–171. IEEE (2018)., ISBN 979-11-88428-01-4
  9. 9.
    Miller, R.: LoRa Security - Building a Secure LoRa Solution, MWR Labs.
  10. 10.
    Yang, X.: LoRaWAN: Vulnerability Analysis and Practical Exploitation (2017).
  11. 11.
    LoRa Alliance: A technical overview of LoRa and LoRaWAN (2015).
  12. 12.
    Semtech Sx1272/73: Datasheet (2015). Accessed 12 May 2015
  13. 13.
    IMST GmbH Germany: WiMOD iC880A datasheet (2015).
  14. 14.
    LoRa App Server – open-source LoRaWAN application-server. Accessed 05 July 2017
  15. 15.
    The LoRa Alliance: LoRaWAN 1.1 Specification, October 2017Google Scholar

Copyright information

© Springer Nature Switzerland AG 2020

Authors and Affiliations

  1. 1.Faculty of Electrical Engineering and Computer ScienceVSB - Technical University of OstravaOstrava-PorubaCzech Republic

Personalised recommendations