Doreen Joseph

UC Davis

“Leveraging Transformers for Firmware Binary Analysis”

“The rapidly growing ecosystem that is the Internet of Things consists of devices like smartwatches and smart thermostats, each composed of various hardware components, such as displays, sensors, and storage. Firmware is the specialized software entity that controls how these hardware components function. Unlike traditional software, firmware interacts directly with hardware, and serves as a storage location for sensitive information. It can become a single point of failure if compromised, thereby compromising an entire device or system.

Unfortunately, firmware is often left unprotected and attackers have noticed, so we’ve seen a growing number of reported firmware vulnerabilities and attacks in recent years. The aim of my research is to develop automated firmware analysis techniques to help developers and security practitioners find firmware vulnerabilities and mitigate them before public release. The goal is to help proactively prevent firmware from being released with known vulnerabilities, as well as help to defend the diverse firmware already in the wild. More specifically, I investigate the application of Transformer-based models from Natural Language Processing for binary code analysis.”


The purpose of this work is to advance embedded firmware security testing by developing automated and tailored binary analysis techniques. We leverage Transformer-based machine learning models equipped with both code syntax and structure information to learn semantically rich representations of functions in firmware binaries. These representations can then be used in further security analysis tasks.
