IoT technology has been developing rapidly, while at the same time, it raises
cybersecurity concerns. Mirai, a notorious IoT malware, is one of the
representative threats; it infects many IoT devices and turns them into
botnets, and the botnets rapidly spread infection over IoT networks. It seems
hard to eliminate the chance of devices being infected with malware completely.
Therefore, we believe it is essential to consider systems that enable us to
remotely stop (or control) infected devices as soon as possible to prevent or
limit malicious behaviors of infected devices. In this paper, we design a
promising candidate for such remote-control systems, called IoT-REX
(REemote-Control System for IoT devices). IoT-REX allows a systems manager to
designate an arbitrary subset of all IoT devices in the system and generate
authenticated information that contains any command the system manager wants.
Every device can confirm whether or not the device itself was designated; if
so, the device executes the command. Towards realizing IoT-REX, we introduce a
novel cryptographic primitive called centralized multi-designated verifier
signatures (CMDVS). Although CMDVS works under a restricted condition compared
to conventional MDVS, it is sufficient for realizing IoT-REX. We provide an
efficient CMDVS construction from any approximate membership query structures
and digital signatures, yielding compact communication sizes and efficient
verification procedures for IoT-REX.

By admin