Classification and Characterization of LoRaWAN Energy Depletion Attacks: A Review

The long-range wide area network (LoRaWAN) is the Internet of Things (IoT) technology widely adopted by industrial, agriculture, and academic sectors. Despite its capability to provide low-power devices with extended battery life, secure communication, and cost-effectiveness, LoRaWAN has attracted significant attention due to its security concerns. A specific type of attack targeting sensors has emerged within this context, known as energy depletion attacks (EDAs). It aims to deplete the battery of sensors until they become unavailable, posing a potential threat to IoT networks and increasing infrastructure maintenance costs. A notable characteristic of EDAs is their tendency to stem from other types of attacks, such as flooding or jamming. Indeed, many attacks can elevate the energy consumption of an end device and deplete its battery. However, there is a research gap regarding the characterization of the potential impact of these attacks on a sensor's energy. This article presents a novel characterization of EDAs in LoRaWAN networks using an emulation-based approach, providing insights for improving IoT security. Thus, our article offers a classification of the most significant attacks associated with LoRaWAN, provides a summary of the current state-of-the-art energy consumption models, introduces a characterization of their potential to deplete the sensor's energy, and presents a comparative tabulation of the attacks in terms of their energy depletion potential. In addition, we provide a literature review of current defenses against EDAs in LoRaWAN, highlight the security gap concerning EDAs in LoRaWAN, and outline the open challenges for future research in this area. (AU)