{"id":"https://openalex.org/W4416286471","doi":"https://doi.org/10.1109/jiot.2025.3633940","title":"Securing LoRaWAN in the AIoT Era: A Systematic Mapping Study and an MITRE-Based Threat Matrix","display_name":"Securing LoRaWAN in the AIoT Era: A Systematic Mapping Study and an MITRE-Based Threat Matrix","publication_year":2025,"publication_date":"2025-11-17","ids":{"openalex":"https://openalex.org/W4416286471","doi":"https://doi.org/10.1109/jiot.2025.3633940"},"language":null,"primary_location":{"id":"doi:10.1109/jiot.2025.3633940","is_oa":false,"landing_page_url":"https://doi.org/10.1109/jiot.2025.3633940","pdf_url":null,"source":{"id":"https://openalex.org/S2480266640","display_name":"IEEE Internet of Things Journal","issn_l":"2327-4662","issn":["2327-4662","2372-2541"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Internet of Things Journal","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5009624498","display_name":"Elis\u00e9e To\u00e9","orcid":"https://orcid.org/0009-0008-7586-6665"},"institutions":[{"id":"https://openalex.org/I104914703","display_name":"Universit\u00e9 du Qu\u00e9bec \u00e0 Chicoutimi","ror":"https://ror.org/00y3hzd62","country_code":"CA","type":"education","lineage":["https://openalex.org/I104914703","https://openalex.org/I49663120"]},{"id":"https://openalex.org/I3129292944","display_name":"C\u00e9gep de Chicoutimi","ror":"https://ror.org/03kzn3e44","country_code":"CA","type":"education","lineage":["https://openalex.org/I3129292944"]}],"countries":["CA"],"is_corresponding":true,"raw_author_name":"Elis\u00e9e Toe","raw_affiliation_strings":["Université du Québec á Chicoutimi, Saguenay, QC, Canada","Université du Québec à Chicoutimi, Canada"],"affiliations":[{"raw_affiliation_string":"Université du Québec á Chicoutimi, Saguenay, QC, Canada","institution_ids":["https://openalex.org/I104914703","https://openalex.org/I3129292944"]},{"raw_affiliation_string":"Université du Québec à Chicoutimi, Canada","institution_ids":["https://openalex.org/I104914703"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5030108374","display_name":"Fehmi Jaafar","orcid":null},"institutions":[{"id":"https://openalex.org/I104914703","display_name":"Universit\u00e9 du Qu\u00e9bec \u00e0 Chicoutimi","ror":"https://ror.org/00y3hzd62","country_code":"CA","type":"education","lineage":["https://openalex.org/I104914703","https://openalex.org/I49663120"]},{"id":"https://openalex.org/I3129292944","display_name":"C\u00e9gep de Chicoutimi","ror":"https://ror.org/03kzn3e44","country_code":"CA","type":"education","lineage":["https://openalex.org/I3129292944"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Fehmi Jaafar","raw_affiliation_strings":["Université du Québec á Chicoutimi, Saguenay, QC, Canada","Université du Québec à Chicoutimi, Canada"],"affiliations":[{"raw_affiliation_string":"Université du Québec á Chicoutimi, Saguenay, QC, Canada","institution_ids":["https://openalex.org/I104914703","https://openalex.org/I3129292944"]},{"raw_affiliation_string":"Université du Québec à Chicoutimi, Canada","institution_ids":["https://openalex.org/I104914703"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5091101730","display_name":"Laurent Ferrier","orcid":"https://orcid.org/0000-0003-2981-7375"},"institutions":[{"id":"https://openalex.org/I3133064791","display_name":"Cegep de Sept Iles","ror":"https://ror.org/01601en76","country_code":"CA","type":"education","lineage":["https://openalex.org/I3133064791"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Laurent Charles Andr\u00e9 Ferrier","raw_affiliation_strings":["Cégep de Sept-Îles, Sept-Îles, QC, Canada","Cégep de Sept-Îles, Canada"],"affiliations":[{"raw_affiliation_string":"Cégep de Sept-Îles, Sept-Îles, QC, Canada","institution_ids":["https://openalex.org/I3133064791"]},{"raw_affiliation_string":"Cégep de Sept-Îles, Canada","institution_ids":["https://openalex.org/I3133064791"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5009624498"],"corresponding_institution_ids":["https://openalex.org/I104914703","https://openalex.org/I3129292944"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.36682615,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"13","issue":"3","first_page":"3827","last_page":"3849"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12079","display_name":"IoT Networks and Protocols","score":0.9873999953269958,"subfield":{"id":"https://openalex.org/subfields/2208","display_name":"Electrical and Electronic Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12079","display_name":"IoT Networks and Protocols","score":0.9873999953269958,"subfield":{"id":"https://openalex.org/subfields/2208","display_name":"Electrical and Electronic Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10273","display_name":"IoT and Edge/Fog Computing","score":0.002400000113993883,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10761","display_name":"Vehicular Ad Hoc Networks (VANETs)","score":0.0007999999797903001,"subfield":{"id":"https://openalex.org/subfields/2208","display_name":"Electrical and Electronic Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/interoperability","display_name":"Interoperability","score":0.6514999866485596},{"id":"https://openalex.org/keywords/spoofing-attack","display_name":"Spoofing attack","score":0.5924999713897705},{"id":"https://openalex.org/keywords/software-deployment","display_name":"Software deployment","score":0.5727999806404114},{"id":"https://openalex.org/keywords/scalability","display_name":"Scalability","score":0.5175999999046326},{"id":"https://openalex.org/keywords/firmware","display_name":"Firmware","score":0.46000000834465027},{"id":"https://openalex.org/keywords/key","display_name":"Key (lock)","score":0.4562000036239624},{"id":"https://openalex.org/keywords/protocol","display_name":"Protocol (science)","score":0.3926999866962433},{"id":"https://openalex.org/keywords/protocol-stack","display_name":"Protocol stack","score":0.3847000002861023},{"id":"https://openalex.org/keywords/lpwan","display_name":"LPWAN","score":0.37929999828338623},{"id":"https://openalex.org/keywords/anomaly-detection","display_name":"Anomaly detection","score":0.3750999867916107}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8478999733924866},{"id":"https://openalex.org/C20136886","wikidata":"https://www.wikidata.org/wiki/Q749647","display_name":"Interoperability","level":2,"score":0.6514999866485596},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6096000075340271},{"id":"https://openalex.org/C167900197","wikidata":"https://www.wikidata.org/wiki/Q11081100","display_name":"Spoofing attack","level":2,"score":0.5924999713897705},{"id":"https://openalex.org/C105339364","wikidata":"https://www.wikidata.org/wiki/Q2297740","display_name":"Software deployment","level":2,"score":0.5727999806404114},{"id":"https://openalex.org/C48044578","wikidata":"https://www.wikidata.org/wiki/Q727490","display_name":"Scalability","level":2,"score":0.5175999999046326},{"id":"https://openalex.org/C67212190","wikidata":"https://www.wikidata.org/wiki/Q104851","display_name":"Firmware","level":2,"score":0.46000000834465027},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.4562000036239624},{"id":"https://openalex.org/C2780385302","wikidata":"https://www.wikidata.org/wiki/Q367158","display_name":"Protocol (science)","level":3,"score":0.3926999866962433},{"id":"https://openalex.org/C38601921","wikidata":"https://www.wikidata.org/wiki/Q1757693","display_name":"Protocol stack","level":3,"score":0.3847000002861023},{"id":"https://openalex.org/C2776445043","wikidata":"https://www.wikidata.org/wiki/Q20706829","display_name":"LPWAN","level":3,"score":0.37929999828338623},{"id":"https://openalex.org/C739882","wikidata":"https://www.wikidata.org/wiki/Q3560506","display_name":"Anomaly detection","level":2,"score":0.3750999867916107},{"id":"https://openalex.org/C140547941","wikidata":"https://www.wikidata.org/wiki/Q7797194","display_name":"Threat model","level":2,"score":0.3716000020503998},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.36480000615119934},{"id":"https://openalex.org/C24590314","wikidata":"https://www.wikidata.org/wiki/Q336038","display_name":"Wireless sensor network","level":2,"score":0.361299991607666},{"id":"https://openalex.org/C194541083","wikidata":"https://www.wikidata.org/wiki/Q457174","display_name":"Workaround","level":2,"score":0.3555000126361847},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.34119999408721924},{"id":"https://openalex.org/C12269588","wikidata":"https://www.wikidata.org/wiki/Q132364","display_name":"Communications protocol","level":2,"score":0.328000009059906},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.31470000743865967},{"id":"https://openalex.org/C2779585090","wikidata":"https://www.wikidata.org/wiki/Q3457762","display_name":"Resilience (materials science)","level":2,"score":0.30640000104904175},{"id":"https://openalex.org/C81860439","wikidata":"https://www.wikidata.org/wiki/Q251212","display_name":"Internet of Things","level":2,"score":0.29829999804496765},{"id":"https://openalex.org/C187191949","wikidata":"https://www.wikidata.org/wiki/Q1138496","display_name":"Profiling (computer programming)","level":2,"score":0.2953999936580658},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.29490000009536743},{"id":"https://openalex.org/C29852176","wikidata":"https://www.wikidata.org/wiki/Q373338","display_name":"Critical infrastructure","level":2,"score":0.28870001435279846},{"id":"https://openalex.org/C38369872","wikidata":"https://www.wikidata.org/wiki/Q7445009","display_name":"Security analysis","level":2,"score":0.2833999991416931},{"id":"https://openalex.org/C2780233690","wikidata":"https://www.wikidata.org/wiki/Q535347","display_name":"Transparency (behavior)","level":2,"score":0.2833999991416931},{"id":"https://openalex.org/C33884865","wikidata":"https://www.wikidata.org/wiki/Q1254335","display_name":"Cryptographic protocol","level":3,"score":0.2784999907016754},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.2784000039100647},{"id":"https://openalex.org/C116834253","wikidata":"https://www.wikidata.org/wiki/Q2039217","display_name":"Identification (biology)","level":2,"score":0.2754000127315521},{"id":"https://openalex.org/C2776104089","wikidata":"https://www.wikidata.org/wiki/Q15894079","display_name":"Location awareness","level":2,"score":0.27390000224113464},{"id":"https://openalex.org/C2522767166","wikidata":"https://www.wikidata.org/wiki/Q2374463","display_name":"Data science","level":1,"score":0.2736000120639801},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.2727000117301941},{"id":"https://openalex.org/C2777103469","wikidata":"https://www.wikidata.org/wiki/Q1231558","display_name":"Smart city","level":3,"score":0.2712000012397766},{"id":"https://openalex.org/C72648740","wikidata":"https://www.wikidata.org/wiki/Q658476","display_name":"Public key infrastructure","level":4,"score":0.26260000467300415},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.2606000006198883},{"id":"https://openalex.org/C82578977","wikidata":"https://www.wikidata.org/wiki/Q16773055","display_name":"Data aggregator","level":3,"score":0.2596000134944916},{"id":"https://openalex.org/C2779033394","wikidata":"https://www.wikidata.org/wiki/Q5186733","display_name":"Critical infrastructure protection","level":3,"score":0.2590999901294708},{"id":"https://openalex.org/C2780202397","wikidata":"https://www.wikidata.org/wiki/Q2294986","display_name":"Smart objects","level":3,"score":0.25859999656677246},{"id":"https://openalex.org/C186967261","wikidata":"https://www.wikidata.org/wiki/Q5082128","display_name":"Mobile device","level":2,"score":0.2581000030040741},{"id":"https://openalex.org/C148417208","wikidata":"https://www.wikidata.org/wiki/Q4825882","display_name":"Authentication (law)","level":2,"score":0.2549999952316284}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/jiot.2025.3633940","is_oa":false,"landing_page_url":"https://doi.org/10.1109/jiot.2025.3633940","pdf_url":null,"source":{"id":"https://openalex.org/S2480266640","display_name":"IEEE Internet of Things Journal","issn_l":"2327-4662","issn":["2327-4662","2372-2541"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Internet of Things Journal","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":55,"referenced_works":["https://openalex.org/W2905499724","https://openalex.org/W3003707605","https://openalex.org/W3010065569","https://openalex.org/W3046822792","https://openalex.org/W3092638631","https://openalex.org/W3095729894","https://openalex.org/W3149816972","https://openalex.org/W3157897910","https://openalex.org/W3164920863","https://openalex.org/W3175166461","https://openalex.org/W3181667991","https://openalex.org/W3193982829","https://openalex.org/W3206629225","https://openalex.org/W4206289605","https://openalex.org/W4210576267","https://openalex.org/W4211236184","https://openalex.org/W4214848767","https://openalex.org/W4221099481","https://openalex.org/W4224234761","https://openalex.org/W4226392654","https://openalex.org/W4229046661","https://openalex.org/W4283262357","https://openalex.org/W4285103009","https://openalex.org/W4285149626","https://openalex.org/W4285204990","https://openalex.org/W4292158436","https://openalex.org/W4292939696","https://openalex.org/W4294690828","https://openalex.org/W4294930907","https://openalex.org/W4296118025","https://openalex.org/W4296501415","https://openalex.org/W4296620249","https://openalex.org/W4312524677","https://openalex.org/W4320717878","https://openalex.org/W4324027704","https://openalex.org/W4380285880","https://openalex.org/W4382998674","https://openalex.org/W4384303817","https://openalex.org/W4385432819","https://openalex.org/W4385731845","https://openalex.org/W4387331370","https://openalex.org/W4390423632","https://openalex.org/W4391563872","https://openalex.org/W4393234337","https://openalex.org/W4396573247","https://openalex.org/W4399799613","https://openalex.org/W4399881249","https://openalex.org/W4400975113","https://openalex.org/W4400975150","https://openalex.org/W4404739542","https://openalex.org/W4405072573","https://openalex.org/W4405811928","https://openalex.org/W4406105530","https://openalex.org/W4407191924","https://openalex.org/W4408280797"],"related_works":[],"abstract_inverted_index":{"The":[0],"rapid":[1],"expansion":[2],"of":[3,6,63,67,89,142],"the":[4,46,61,64,121,146,190],"Internet":[5],"Things":[7,68],"(IoT)":[8],"has":[9],"established":[10],"LoRaWAN":[11,74,111,122,230],"(Long":[12],"Range":[13],"Wide":[14],"Area":[15],"Network)":[16],"as":[17,28,152],"a":[18,85,96,115],"leading":[19],"low-power,":[20],"long-range":[21],"communication":[22],"protocol":[23,48],"across":[24,45],"critical":[25],"domains":[26],"such":[27,151],"smart":[29],"cities,":[30],"agriculture,":[31],"and":[32,38,56,79,107,129,134,155,173,183,204,217,220,228],"healthcare.":[33],"However,":[34],"its":[35],"minimalist":[36],"design":[37],"reliance":[39],"on":[40,185],"unlicensed":[41],"spectrum":[42],"expose":[43],"vulnerabilities":[44,150],"entire":[47],"stack":[49],"from":[50],"physical-layer":[51],"jamming":[52],"to":[53,72,120],"MAC-layer":[54],"spoofing":[55],"application-layer":[57],"firmware":[58],"attacks.":[59],"Concurrently,":[60],"rise":[62],"Artificial":[65],"Intelligence":[66],"(AIoT)":[69],"introduces":[70],"opportunities":[71],"reinforce":[73],"security":[75,127],"via":[76],"decentralized,":[77],"intelligent,":[78],"adaptive":[80],"mechanisms.":[81],"This":[82],"paper":[83],"presents":[84],"systematic":[86],"mapping":[87],"study":[88],"81":[90],"peer-reviewed":[91],"publications":[92],"(2020\u20132025),":[93],"conducted":[94],"using":[95,166],"PRISMA-based":[97],"methodology.":[98],"Our":[99,137],"objectives":[100],"are":[101],"to:":[102],"(1)":[103],"identify":[104],"key":[105,175],"trends":[106],"research":[108,223],"directions":[109,224],"in":[110],"security,":[112],"(2)":[113],"propose":[114],"MITRE":[116,192],"ATT&CK-inspired":[117],"taxonomy":[118],"tailored":[119],"stack,":[123],"(3)":[124],"analyze":[125],"AIoT-based":[126],"contributions,":[128],"(4)":[130],"highlight":[131],"unresolved":[132],"challenges":[133],"future":[135],"perspectives.":[136],"findings":[138],"indicate":[139],"that":[140],"62%":[141],"documented":[143],"cyberattacks":[144],"target":[145],"MAC":[147],"layer,":[148],"exploiting":[149],"static":[153],"keys":[154],"weak":[156],"integrity":[157],"checks.":[158],"AI-driven":[159],"techniques":[160,198],"including":[161,207],"RF":[162],"fingerprinting":[163],"(97%":[164],"accuracy":[165],"CNNs),":[167],"federated":[168],"learning":[169],"for":[170],"anomaly":[171],"detection,":[172],"blockchain-based":[174],"management\u2014show":[176],"promise":[177],"but":[178],"raise":[179],"concerns":[180],"about":[181],"scalability":[182],"deployment":[184],"constrained":[186],"devices.":[187],"We":[188],"introduce":[189],"first":[191],"ATT&CK-LoRaWAN":[193],"matrix,":[194],"detailing":[195],"18":[196],"attack":[197],"(e.g.,":[199],"energy":[200],"depletion,":[201],"rogue":[202],"gateways)":[203],"associated":[205],"countermeasures,":[206],"post-quantum":[208],"Kyber-1024":[209],"encryption.":[210],"Finally,":[211],"we":[212],"discuss":[213],"major":[214],"technical,":[215],"methodological,":[216],"interoperability":[218],"challenges,":[219],"suggest":[221],"actionable":[222],"toward":[225],"secure,":[226],"AI-native,":[227],"resilient":[229],"infrastructures.":[231]},"counts_by_year":[],"updated_date":"2026-03-07T16:01:11.037858","created_date":"2025-11-17T00:00:00"}