Back to Search
Start Over
Discovery privacy threats via device de-anonymization in LoRaWAN
- Source :
- 19th Mediterranean Communication and Computer Networking Conference (MedComNet), Computer Communications, MedComNet, 2021 19th Mediterranean Communication and Computer Networking Conference (MedComNet)
- Publication Year :
- 2022
- Publisher :
- Elsevier BV, 2022.
-
Abstract
- LoRaWAN (Long Range WAN) is one of the well-known emerging technologies for the Internet of Things (IoT). Many IoT applications involve simple devices that transmit their data toward network gateways or access points that, in their turn, redirect data to application servers. While several security issues have been addressed in the LoRaWAN specification v1.1, there are still some aspects that may undermine privacy and security of the interconnected IoT devices. In this paper, we tackle a privacy aspect related to LoRaWAN device identity. The proposed approach, by monitoring the network traffic in LoRaWAN, is able to derive, in a probabilistic way, the unique identifier of the IoT device from the temporal address assigned by the network. In other words, the method identifies the relationship between the LoRaWAN DevAddress and the device manufacturer DevEUI. The proposed approach, named DEVIL (DEVice Identification and privacy Leakage), is based on temporal patterns arising in the packets transmissions. The paper presents also a detailed study of two real datasets: i) one derived by IoT devices interconnected to a prominent network operator in Italy; ii) one taken from the literature (the LoED dataset in Bhatia et al. (2020)). DEVIL is evaluated on the first dataset while the second is analyzed to support the hypothesis under the DEVIL operation. The results of our analysis, compared with other literature approaches, show how device identification through DEVIL can expose IoT devices to privacy leakage. Finally, the paper also provides some guidelines to mitigate the user re-identification threats.
- Subjects :
- Information privacy
IoT
De-anonymization
de-anonymizations
Computer science
Emerging technologies
Computer Networks and Communications
Internet of Things
Device identification
computer.software_genre
Computer security
privacy
LoRa
Security and privacy
Unique identifier
LoRaWAN
Security
Lorawan
Application server
Network packet
Probabilistic logic
Identification (information)
internet of things
lora
lorawan
security
network optimization
computer
Network optimization
Subjects
Details
- ISBN :
- 978-1-66543-590-1
- ISSN :
- 01403664
- ISBNs :
- 9781665435901
- Volume :
- 189
- Database :
- OpenAIRE
- Journal :
- Computer Communications
- Accession number :
- edsair.doi.dedup.....e8b2075ed2f9471e6d636ff0851d7c35
- Full Text :
- https://doi.org/10.1016/j.comcom.2022.02.017