Network Intrusion Detection System For Jamming Attack In Lorawan Join Procedure

LoRaWAN is a Low Power Wide Area Network (LPWAN) protocol designed to allow low power battery operated nodes to communicate with each other. Though LoRaWAN provides end-to-end security, however vulnerabilities exist in the security mechanism of LoRaWAN join procedure. A jammer can be used to launch a denial of service (DOS) attack by permanently disconnecting the LoRa end nodes from the LoRaWAN network. In this paper, we propose a novel LoRaWAN based Intrusion Detection System (LIDS) for jamming attacks. A real experimental testbed is developed and deployed and LIDS is trained on real join request data. We propose two LIDS algorithms based on Kullback Leibler Divergence (KLD) and Hamming distance (HD). The algorithms are extensively tested on real-world dataset. Receiver Operating Characteristic (ROC) based performance evaluations show that KLD and HD can achieve detection rates as high as 98% and 88% respectively with 5% false positive rate.