1,720,961 research outputs found
DeLoRaN: decentralize LoRaWAN network server through blockchain
No full textLoRaWAN networks have become popular for enabling long-range, low-power connectivity in Internet of Things (IoT) applications. Traditional LoRa Wannetworks typically rely on a centralized architecture, which may pose limitations regarding scalability, reliability, and adaptability. In contrast, decentralized LoRaWAN networks offer a compelling alternative with several distinct features. This study explores the advantages of decentralized LoRaWAN networks over their centralized counterparts and presents DeLoRaN, a completely decentralized and fully compatible LoRaWAN network. Firstly, a decentralized network architecture enhances the availability of services by leveraging multiple copies of a LoRaWAN Network Server (NS), here called Network Controller, thereby eliminating the single points of failure. Secondly, the decentralized nature of the network improves data availability and integrity by utilizing shared and decentralized ledgers, such as blockchain technology. This ensures that data remains accessible and tamper-proof even in the presence of malicious actors or network failures. Thirdly, a decentralized network strengthens resilience by tolerating faulty or malicious nodes through the consensus mechanisms employed by the Network Controller. To prove our point, we present an implementation of our distributed approach and test it in different scenarios, to appreciate performance and scalability of DeLoRaN when compared to a centralized approach
Investigating secure and distributed control in IoT: improving BLE security and strengthening LoRaWAN with blockchain
Full text linkThe rapid proliferation of the Internet of Things (IoT) has led to the widespread deployment of low-power wireless communication technologies such as Bluetooth Low Energy (BLE) and LoRaWAN, each designed to meet the connectivity and efficiency demands of IoT devices. BLE has emerged as a key technology for short-range communication, enabling applications such as proximity sensing, wearables, and asset tracking, while LoRaWAN supports long-range communication with low power consumption, ideal for wide-area networks in smart cities and rural areas. However, as the number of connected devices grows, so do the security and privacy concerns associated with these networks. Simultaneously, the advent of edge computing and distributed network paradigms offers potential solutions to some of these challenges, providing enhanced computational power and network decentralization, which are critical for scalable and secure IoT systems. In BLE networks, Medium Access Control (MAC) address randomization is a key privacy feature, designed to prevent device tracking by periodically changing the device’s MAC address. However, by leveraging edge computing, mesh networks of BLE sensors can be deployed to circumvent this feature, enabling large-scale tracking despite randomization. On the Low-Power Wide-Area Network (LPWAN) side, LoRaWAN typically operates under a centralized architecture, where a Network Server manages key security tasks like authentication and routing. This centralization introduces risks such as single points of failure and insider threats. To address these issues, edge computing can be applied to decentralize LoRaWAN, with edge nodes handling local processes to reduce dependency on the central server. Integrating a permissioned blockchain removes the need for centralized control, ensuring secure, transparent device authentication and key management without relying on a single authority. This work explores the dual role of edge computing and distributed networks in IoT technologies like BLE and LoRaWAN, examining both the opportunities and risks associated with decentralized approaches. For BLE, the power of edge computing used to circumvent privacy features such as MAC address randomization is investigated. For LoRaWAN, edge computing and permissioned blockchain are proposed as mechanisms to decentralize the network, removing central points of control and improving security against internal and external threats. As IoT continues to expand into various domains, from smart cities to industrial automation, understanding the interplay between edge computing, distributed networks, and low-power communication technologies will be crucial in building scalable, secure, and efficient IoT ecosystems
Friendship security analysis in bluetooth low energy networks
No full textBluetooth Low Energy (BLE) is one of the most promising low-power, short-range wireless technologies, providing a standardized technology for creating mesh networks and enabling devices to communicate with each other with limited impact on the battery. BLE Mesh networks support a variety of features, including broadcast, unicast, and multicast messaging, allowing devices to communicate in a distributed and scalable manner. These networks enable a wide range of applications, from smart homes to industrial automation and asset tracking. In recent years, the BLE standard has introduced a new feature called ”Friendship” that allows nodes with limited battery power to pair with other Bluetooth devices that are responsible for caching their messages while they sleep. In this way, the BLE Friendship allows devices to share data without the need for a continuous connection, preserving the energy-saving capabilities of the network. However, recent literature has shown that this feature can be easily exploited by malicious agents in the network to either deny friendship or establish a permanent link between the attacker and the low-power node. In this paper, we review the current status of the security of the BLE Friendship, discussing what are the most dangerous threats, and analyzing their impact on the battery of low-power nodes. Therefore, we implement one of these threats, namely, the Clear Attack, over a smart sensor scenario to show its potential in affecting the battery life of the devices. Finally, we propose and implement a set of countermeasures and mitigations that can be integrated into the BLE standard to reduce the impact of such an attack and we prove their effectiveness in preserving the energy of low-power devices
BLENDER - Bluetooth low energy discovery and fingerprinting in IoT
No full textBluetooth Low Energy (BLE) is a pervasive wireless technology all around us today. It is included in most commercial consumer electronic devices manufactured in last years, and billions of BLE-enabled devices are produced every year, including wearable or portable ones like smartphones, smart-watches and smartbands. The success of BLE as a cornerstone in IoT and consumer electronics is both an advantage, giving wireless communication potential in the short range at low cost and consumption, and a disadvantage, from a security and privacy standpoint. BLE exposes packets that enable a potential attacker to detect, enquire and fingerprint actual devices despite manufacturers attempts to avoid detection and tracking. MAC address randomization was introduced in the BLE standard to solve some of these issues. In this paper we discuss how to detect and fingerprint BLE devices, basing our analysis and data collection on GAP (Generic Access Profile) and GATT (Generic Attribute Profile) protocols and data that can be recovered from devices by interactions allowed by the standard. In our study we focus on the possibility of enumerating and creating fingerprints of discovered devices, for crowd monitoring and recognition purposes, associating BLE randomized MAC addresses to actual devices using computed fingerprints when GATT is exploitable. We describe how large scale data collection can be obtained using automatic scanning devices with long range communication hardware, to uplink collected data in cloud-based applications and to a data store
Ruling Out IoT Devices in LoRaWAN
No full textLoRaWAN is certainly one of the most widely used LPWAN protocol. The LoRaWAN 1.1 specification aims at fixing some serious security vulnerabilities in the 1.0 specification, however there still exist critical points that may affect the IoT security. In this demo, we show an attack that can affect LoRaWAN 1.0 and 1.1 networks, which hijacks the downlink path from the Network Server to an End Device, ruling out the target device from the network. The attack exploits the deduplication procedure and the gateway selection during a downlink scheduling by the Network Server, which is in general implementation-dependent. The attack scheme has been proven to be easy to implement, not requiring physical layer-specific operations such as signal jamming, and could target many LoRaWAN devices at once. We demonstrate this attack and its effects by blocking a device under our control by receiving any downlink communication
Hijacking downlink path selection in LoRaWAN
No full textWith the rise of the IoT, many protocols have been developed in order to fulfill the need for a wireless connectivity that assures energy efficiency and low-data rates. LoRaWAN is certainly one of the most widely used protocols. The LoRaWAN 1.1 specification aims to fix some serious security vulnerabilities in the 1.0 specification, however there still exist critical points to address. In this paper, we identify an attack that can affect LoRaWAN 1.0 and 1.1 networks, which hijacks the downlink path from the Network Server to an End Device. The attack exploits the deduplication procedure and the gateway selection during a downlink scheduling by the Network Server, which is in general implementation-dependent. The attack scheme has been proven to be easy to implement, not requiring physical layer-specific operations such as signal jamming, and could target many LoRaWAN devices at once. We discuss the implications of this attack and identify the possible mitigations that could be adopted by network providers to address this vulnerability
Demo Abstract: BE-Mesh: Bluetooth Low Energy Mesh Networking
No full textWe propose and discuss BE-Mesh-Bluetooth low
Energy-Meshed network, a new paradigm for BLE (Bluetooth
Low Energy) that enables mesh networking among wirelessly
interconnected devices, both in a single hop and multi-hop
fashion. Starting from the classical Master/Slave paradigm of
Bluetooth, we build two new layers based on BLE stack that
allow the final user to set-up, in a fast way, the desired network
topology while hiding the complexity and low-level details of the
BLE stack. We also prototype, as a proof of concept, an open
source Android library [1] that implements our communication
paradigm and an Android application that allows the exchange
of text messages across the mesh network. Last, we demonstrate
how BE-Mesh enables Internet access sharing with the whole
mesh from a single Internet-connected device
Going Beyond Counting First Authors in Author Co-citation Analysis
Full text linkThe present study examines one of the fundamental aspects of author co-citation analysis (ACA) - the way co-citation
counts are defined. Co-citation counting provides the data on which all subsequent statistical analyses and mappings
are based, and we compare ACA results based on two different types of co-citation counting - the traditional type that
only counts the first one among a cited work's authors on the one hand and a non-traditional type that takes into
account the first 5 authors of a cited work on the other hand. Results indicate that the picture produced through this non-traditional author co-citation counting contains more coherent author groups and is therefore considerably clearer. However, this picture represents fewer specialties in the research field being studied than that produced through the traditional first-author co-citation counting when the same number of top-ranked authors is selected and analyzed. Reasons for these effects are discussed
Variations on the Author
Full text link“Variations on the Author” discusses two of Eduardo Coutinho’s recent films (Um Dia na Vida, from 2010, and Últimas Conversas, posthumously released in 2015) and their contribution to the general question of documentary authorship. The director’s filmography is characterized by a consistent yet self-effacing form of authorial self-inscription: Coutinho often features as an interviewer that rather than express opinions propels discourses; an interviewer that is good at listening. This mode of self-inscription characterizes him as an author who is not expressive but who is nonetheless markedly present on the screen. In Um Dia na Vida, however, Coutinho is completely absent form the image, while Últimas Conversas, on the contrary, includes a confessional prologue that moves the director from the margins to the center of his films. This article examines the ways in which these works stand out in the filmography of a director who offers new insights into the notion of cinematic authorship
- …
