Intrusion Detection System for LoRaWAN

Availability and integrity of sensor data are two cornerstones of a trustworthy sensor application. In a LoRaWAN based sensor network a malicious attacker can compromise those features by e.g. DoS/Spoofing attacks, which might lead to manipulation of critical information. Hence, in applications where high data availability is crucial, such as in flood or earthquacke detection, additional security features shall be implemented.

To this end, we present an intrusion detection gateway for LoRaWAN, which is primarily meant to detect reactive jamming attacks against selected LoRaWAN nodes. The detection mechanism is based on monitoring received signal strength and signal-to-noise meta-data values of received LoRaWAN packets. The detection algorithm is implemented on top of the popular LoRaWAN packet forwarder software. Thus, the detector can be installed to existing LoRaWAN gateways, or alternatively mounted to an additional passive LoRaWAN monitoring gateway.