Abstract

Firmware extraction from consumer drones is a critical step in evaluating system security, enabling forensic investigations, and identifying potential vulnerabilities. Using the Holy Stone HS175D as a representative case study, this work outlines methods for acquiring firmware through onboard flash memory access, update file capture, and hardware debug interfaces such as UART, SPI, or JTAG. Once obtained, the firmware can be analyzed with reverse engineering tools to uncover code structures, cryptographic protections, and system-level design choices. Challenges include proprietary protections, encryption, and the inherent risks of hardware disassembly, yet successful extraction provides valuable insights into drone security and trustworthiness. As future work, this research will extend to additional consumer platforms such as DJI and Parrot, which employ diverse firmware architectures and update pipelines. A unified methodology for cross-platform firmware acquisition and analysis will support comparative studies, highlight recurring weaknesses, and advance best practices for resilient and verifiable unmanned aerial systems.

About the Speaker

Dr. Sneha Sudhakaran is an Assistant Professor of Computer Science at the Florida Institute of Technology, specializing in cyber forensics with emphasis on mobile and memory forensics. She earned her Ph.D. from Louisiana State University, where she developed Android forensic tools such as DroidScraper and AmpleDroid to recover evidence from application memory. Her research spans mobile application security, SCADA and drone forensics, image forensics, and Android reverse engineering, with publications in leading venues including Digital Investigation and Computers & Security. Dr. Sudhakaran is the founder of the Women in Cyber Security (WiCyS) chapter at Florida Tech and contributes actively to WiCyS Global, AAFS. She serves as reviewer for Elsevier Computers & Security, Digital Investigation, and SIGCSE, and as a committee member, moderator and session chair for WiSec, USENIX, DFRWS, AAFS and PAINE. Beyond her academic role, she contributes as an item writer for EC-Council’s CHFI certification and serves on the Board of Studies at Amrita University. Through her research, teaching, and professional service, Dr. Sudhakaran advances both the science and practice of cybersecurity while promoting diversity and workforce development in the field.