@misc{ruotsalainen_how_2018, address = {St. Pölten, Austria}, title = {How to secure {IoT} on the wireless physical layer}, url = {https://itsecx.fhstp.ac.at/content/download/166239/file/04_Henri-Ruotsalainen_FH-St.-P%C3%B6lten.pdf}, author = {Ruotsalainen, Henri}, month = nov, year = {2018}, keywords = {Department Technologie, FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, Publikationstyp Präsentation, Vortrag, Wiss. Beitrag}, } @article{ruotsalainen_lorawan_2022, title = {{LoRaWAN} {Physical} {Layer}-{Based} {Attacks} and {Countermeasures}, {A} {Review}}, volume = {22}, copyright = {CC-BY}, issn = {1424-8220}, url = {https://www.mdpi.com/1424-8220/22/9/3127}, doi = {10.3390/s22093127}, abstract = {As LoRaWAN is one of the most popular long-range wireless protocols among low-power IoT applications, more and more focus is shifting towards security. In particular, physical layer topics become relevant to improve the security of LoRaWAN nodes, which are often limited in terms of computational power and communication resources. To this end, e.g., detection methods for wireless attacks improve the integrity and robustness of LoRaWAN access. Further, wireless physical layer techniques have potential to enhance key refreshment and device authentication. In this work, we aim to provide a comprehensive review of various vulnerabilities, countermeasures and security enhancing features concerning the LoRaWAN physical layer. Afterwards, we discuss the impact of the reviewed topics on LoRaWAN security and, subsequently, we identify research gaps as well as promising future research directions.}, language = {en}, number = {9}, urldate = {2022-04-22}, journal = {Sensors}, author = {Ruotsalainen, Henri and Shen, Guanxiong and Zhang, Junqing and Fujdiak, Radek}, month = apr, year = {2022}, note = {Project: Dataskop}, keywords = {Dataskop, FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, Publikationstyp Zeitschriftenartikel, SP IT Sec Applied Security \& Data Science, peer-reviewed}, pages = {3127}, } @inproceedings{hodo_anomaly_2017, title = {Anomaly {Detection} for {Simulated} {IEC}-60870-5-104 {Trafiic}}, doi = {10/gh372t}, publisher = {ACM}, author = {Hodo, Ersi and Grebeniuk, Stepan and Ruotsalainen, Henri and Tavolato, Paul}, year = {2017}, keywords = {Department Technologie, FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, Publikationstyp Schriftpublikation, SP IT Sec Applied Security \& Data Science, Vortrag, peer-reviewed}, } @inproceedings{ruotsalainen_towards_2018, address = {Hamburg, Deutschland}, title = {Towards {Wireless} {Secret} key {Agreement} with {LoRa} {Physical} {Layer}}, doi = {10/gh3732}, booktitle = {Proceedings of the 13th {International} {Conference} on {Availability}, {Reliability} and {Security}}, publisher = {ACM}, author = {Ruotsalainen, Henri and Grebeniuk, Stepan}, year = {2018}, keywords = {Department Technologie, FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, Publikationstyp Schriftpublikation, Vortrag, peer-reviewed}, } @misc{ruotsalainen_smart_2022, title = {Smart {Home} {Automation}, {Today}\&{Tomorrow}}, language = {Englisch}, author = {Ruotsalainen, Henri}, month = apr, year = {2022}, keywords = {Department Technologie, FH SP Cyber Security, Institut für IT Sicherheitsforschung, Publikationstyp Präsentation, Vortrag, Wiss. Beitrag}, } @inproceedings{ruotsalainen_watermarking_2021, address = {Vasteras, Sweden}, title = {Watermarking {Based} {Sensor} {Attack} {Detection} in {Home} {Automation} {Systems}}, isbn = {978-1-72812-989-1}, url = {https://ieeexplore.ieee.org/document/9613634/}, doi = {10/gnt2wj}, urldate = {2021-12-06}, booktitle = {2021 26th {IEEE} {International} {Conference} on {Emerging} {Technologies} and {Factory} {Automation} ({ETFA} )}, publisher = {IEEE}, author = {Ruotsalainen, Henri and Treytl, Albert and Sauter, Thilo}, month = sep, year = {2021}, keywords = {FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, Publikationstyp Konferenz-Paper, SP IT Sec Applied Security \& Data Science, Vortrag, peer-reviewed}, pages = {1--8}, } @article{pospisil_testbed_2021, title = {Testbed for {LoRaWAN} {Security}: {Design} and {Validation} through {Man}-in-the-{Middle} {Attacks} {Study}}, volume = {11}, copyright = {Open Access}, issn = {2076-3417}, shorttitle = {Testbed for {LoRaWAN} {Security}}, url = {https://www.mdpi.com/2076-3417/11/16/7642}, doi = {https://doi.org/10.3390/app11167642}, abstract = {The low-power wide-area (LPWA) technologies, which enable cost and energy-efficient wireless connectivity for massive deployments of autonomous machines, have enabled and boosted the development of many new Internet of things (IoT) applications; however, the security of LPWA technologies in general, and specifically those operating in the license-free frequency bands, have received somewhat limited attention so far. This paper focuses specifically on the security and privacy aspects of one of the most popular license-free-band LPWA technologies, which is named LoRaWAN. The paper’s key contributions are the details of the design and experimental validation of a security-focused testbed, based on the combination of software-defined radio (SDR) and GNU Radio software with a standalone LoRaWAN transceiver. By implementing the two practical man-in-the-middle attacks (i.e., the replay and bit-flipping attacks through intercepting the over-the-air activation procedure by an external to the network attacker device), we demonstrate that the developed testbed enables practical experiments for on-air security in real-life conditions. This makes the designed testbed perspective for validating the novel security solutions and approaches and draws attention to some of the relevant security challenges extant in LoRaWAN.}, language = {en}, number = {16}, urldate = {2021-08-30}, journal = {Applied Sciences}, author = {Pospisil, Ondrej and Fujdiak, Radek and Mikhaylov, Konstantin and Ruotsalainen, Henri and Misurec, Jiri}, month = aug, year = {2021}, keywords = {Depart Informatik und Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, Journal, Wiss. Beitrag, peer-reviewed}, pages = {7642}, } @article{ruotsalainen_experimental_2019, title = {Experimental {Investigation} on {Wireless} {Key} {Generation} for {Low} {Power} {Wide} {Area} {Networks}}, doi = {10/ggxwns}, abstract = {The wireless key generation is a potential way to implement information theoretically secure key refreshment for IoT devices. The state-of-the-art work on key generation mainly utilizes the wireless local area network technologies. However, they have not sufficiently considered the typical characteristics of low power wide area network (LPWAN) such as lengthy payloads, duty cycled transmission and reception, or limitations for channel utilization. In this paper, we carried out a comprehensive experimental investigation on key generation applied with LPWAN, taking LoRa/LoRaWAN as case studies. A key generation protocol optimized for typical LPWAN applications is proposed. According to the extensive evaluations with deep in-building and long distance (up to 7 km) outdoor LoRaWAN links, extraction of keys with high randomness becomes feasible. Moreover, we study the achievable AES128 key refreshment periods for different eavesdropper key disagreement rates. As indicated by our measurement based evaluations, the AES128 key can be renewed every three hours with the proposed key generation protocol and with the maximum LoRaWAN spreading factor setting (longest range). A further interesting evaluation result demonstrates that a secure key refreshment is still possible even when the eavesdropper key disagreement rate is very close to the rate of the legitimate users.}, journal = {IEEE Internet of Things Journal}, author = {Ruotsalainen, Henri and Zhang, Junqing and Grebeniuk, Stepan}, month = nov, year = {2019}, keywords = {FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, SP IT Sec System \& Application Security, best, best haruotsa, peer-reviewed}, } @article{leder_hierarchical-table-based_2016, title = {Hierarchical-{Table}-{Based} {Model} for {All}-{Digital} {RF} {Transmitters}}, doi = {10/f9t8nr}, number = {99}, journal = {IEEE Transactions on Microwave Theory and Techniques}, author = {Leder, Norbert and Pichler, Bernhard and Faseth, Thomas and Ruotsalainen, Henri and Arthaber, Holger}, year = {2016}, note = {Projekt: LoRaKey}, keywords = {Department Technologie, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, Publikationstyp Schriftpublikation, peer-reviewed}, } @misc{ruotsalainen_identifying_2017, address = {St. Pölten, Austria}, title = {Identifying {Attacks} in {Electrical} {Sub}-{Station} {Networks}}, url = {https://itsecx.fhstp.ac.at/wp-content/uploads/2017/11/03_Routsalainen_ITSecx2017.pdf}, author = {Ruotsalainen, Henri}, month = oct, year = {2017}, keywords = {Department Technologie, FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, Publikationstyp Präsentation, Vortrag, Wiss. Beitrag}, }