LoRaWAN is a leading IoT technology worldwide, increasingly integrated into pervasive computing environments through a growing number of sensors in various industrial and consumer applications. Although its security vulnerabilities have been extensively explored in the recent literature, its ties to human activities warrant further privacy research. Existing device identification and activity inference attacks are only effective with a stable identifier. We find that the identifiers in LoRaWAN exhibit high variability, and more than half of the devices use them for less than a week. For the first time in the literature, we explore the feasibility of device fingerprinting in LoRaWAN, allowing long-term device linkage, i.e. associating various identifiers of the same device. We introduce a novel holistic fingerprint representation utilizing multiple domains, namely content, timing, and radio information, and present a machine learning-based solution for linking identifiers. Through a large-scale experimental evaluation based on real-world datasets containing up to 41 million messages, we study multiple scenarios, including an attacker with limited resources. We reach 0.98 linkage accuracy, underscoring the need for privacy-preserving measures. We showcase countermeasures including payload padding, random delays, and radio signal modulation, and conclude by assessing their impact on our fingerprinting solution.

Metadata

• Published in: Pervasive and Mobile Computing
• DOI: 10.1016/j.pmcj.2025.102082)