Detection of vulnerabilities in software for unmanned aerial vehicles by using large language models
DOI: https://doi.org/10.15587/1729-4061.2026.352029
Keywords: UAV firmware analysis, LLM-driven binary vulnerability analysis, MCP protocol, binary analysis context extension
Abstract
This study considers binary software samples that operate and control unmanned aerial vehicles (UAVs). The task addressed is to detect vulnerabilities in UAV software given the absence of application source code.
An improved method for automated vulnerability detection is proposed, together with a corresponding algorithm, a universal instruction template, and an architectural model for automated vulnerability search that draws on the capabilities of large language models (LLMs). Compared to the fuzzing method, the proposed method provides an average increase in accuracy to 94.7% while reducing the analysis time by a factor of 4.
The proposed method integrates binary analysis tools with the logical inference and pattern recognition capabilities of LLMs. The corresponding algorithm consists of the stages of processing, static analysis, logical inference using an LLM, verification, correlation with known vulnerabilities, and reporting. The instruction template is independent of the features of the sample and tools and provides accurate logical conclusions. A new architectural communication model based on the Model Context Protocol (MCP) provides universal interaction between the LLM and decompilation tools.
A comparative analysis of the method's application with different cloud LLM implementations was carried out. Key advantages include the generation of detailed vulnerability reports, a reduction in analysis time from hours to minutes through automation, and lower qualification requirements for the reverse engineers who perform the analysis. The proposed solutions enable proactive security assessment of UAV software, as well as automated vulnerability detection.
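The MCP-based communication model described in the abstract places a tool server between the LLM and the decompiler. The following is an added example, not code from the paper: the tool names `list_functions` and `decompile_function` and the in-memory `SAMPLE_DB` are assumptions, while the JSON-RPC 2.0 framing and the `tools/list` / `tools/call` methods are those of MCP. It shows both sides of the exchange and a server that exposes only allowlisted, read-only tools with bounded output.

```python
import json

# Constructed stand-in for a decompiler backend: function name -> pseudocode.
# A real deployment would query IDA Pro or Binary Ninja here instead.
SAMPLE_DB = {
    "parse_packet": "void parse_packet(char *p){ char buf[64]; strcpy(buf, p); }",
    "crc16": "uint16_t crc16(const uint8_t *d, size_t n){ /* ... */ }",
}
MAX_TEXT = 4096  # cap on text returned to the model per call

def _list_functions(args):
    return "\n".join(sorted(SAMPLE_DB))

def _decompile_function(args):
    return SAMPLE_DB[args["name"]]  # KeyError is reported as a tool error

# Allowlist of read-only tools (hypothetical names, not from the paper).
TOOLS = {
    "list_functions": (_list_functions, {"type": "object", "properties": {}}),
    "decompile_function": (_decompile_function, {
        "type": "object",
        "properties": {"name": {"type": "string"}},
        "required": ["name"],
    }),
}

def handle(raw):
    """Answer one JSON-RPC 2.0 request using MCP's tools/list and tools/call."""
    req = json.loads(raw)
    rid, method, params = req.get("id"), req.get("method"), req.get("params") or {}
    def reply(**body):
        return json.dumps({"jsonrpc": "2.0", "id": rid, **body})
    if method == "tools/list":
        return reply(result={"tools": [
            {"name": n, "inputSchema": s} for n, (_, s) in TOOLS.items()]})
    if method != "tools/call":
        return reply(error={"code": -32601, "message": "Method not found"})
    if params.get("name") not in TOOLS:
        return reply(error={"code": -32602, "message": "Unknown tool"})
    func, _schema = TOOLS[params["name"]]
    try:
        text, is_error = func(params.get("arguments") or {}), False
    except (KeyError, TypeError) as exc:
        text, is_error = f"tool failed: {exc!r}", True
    return reply(result={"content": [{"type": "text", "text": text[:MAX_TEXT]}],
                         "isError": is_error})

def call(method, **params):
    """Client side: build a request, send it to handle(), decode the reply."""
    req = {"jsonrpc": "2.0", "id": 1, "method": method, "params": params}
    return json.loads(handle(json.dumps(req)))
```

A request for a tool outside the allowlist is rejected as a protocol error, while a failure inside an allowed tool comes back as a normal result with `isError` set, so the model can see it and adjust its next call.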
License
Copyright (c) 2026 Аndrіі Vоіteskhоvskyі, Іrynа Stоpоchkіnа, Pu Sun, Junfeі Xіe, Mykоlа Іlіn, Оleksіі Nоvіkоv

This work is licensed under a Creative Commons Attribution 4.0 International License.