LoRadar: LoRa Sensor Network Monitoring through Passive Packet Sniffing

IoT deployments targeting different application domains are being unfolded at various administrative levels such as countries, states, corporations, or even individual households. Facilitating data transfers between deployed sensors and back-end cloud services is an important aspect of IoT deployments. These data transfers are usually done using Low Power WAN technologies (LPWANs) that have low power consumption and support longer transmission ranges. LoRa (Long Range) is one such technology that has recently gained significant popularity due to its ease of deployment. In this paper, we present LoRadar, a passive packet sniffing framework for LoRa's Medium Access Control (MAC) protocol, LoRaWAN. LoRadar is built using commodity hardware. By carrying out passive measurements at a given location, LoRadar provides key insights of LoRa deployments such as available LoRa networks, deployed sensors, their make, and transmission patterns. Since LoRa deployments are becoming more pervasive, these information are pivotal in characterizing network performance, comparing different LoRa operators, and in emergencies or tactical operations to quickly assess available sensing infrastructure at a given geographical location. We validate the performance of LoRadar in both laboratory and real network settings and conduct a measurement study at eight key locations distributed over a large city-wide geographical area to provide an in-depth analysis of the landscape of commercial IoT deployments. Furthermore, we show the usage of LoRadar in improving the network such as potential collision and jamming detection, device localization, as well as spectrum policing to identify devices that violate the daily duty-cycle quota. Our results show that most of the devices transmitting over the SF12 data rate at one of the survey location were violating the network provider's quota.