With the advancement of Internet of Things (IoT) technology, its applications span various sectors such as public, industrial, private and military. In particular, the drone sector has gained significant attention for both commercial and military purposes. As a result, there has been a surge in research focused on vulnerability analysis of drones. However, most security research to mitigate threats to IoT devices has focused primarily on networks, firmware and mobile applications. Of these, the use of fuzzing to analyze the security of firmware requires emulation of the firmware. However, when it comes to drone firmware, the industry lacks emulation and automated fuzzing tools. This is largely due to challenges such as limited input interfaces, firmware encryption and signatures. While it may be tempting to assume that existing emulators and automated analyzers for IoT devices can be applied to drones, practical applications have proven otherwise. In this paper, we discuss the challenges of dynamically analyzing drone firmware and propose potential solutions. In addition, we demonstrate the effectiveness of our methodology by applying it to DJI drones, which have the largest market share.