Energy-Efficient Multi-LLM Reasoning for Binary-Free Zero-Day Detection in IoT Firmware

TL;DR

This paper introduces a binary-free, energy-efficient multi-LLM reasoning framework for zero-day vulnerability detection in IoT firmware, overcoming limitations of traditional binary-dependent analysis methods.

Contribution

It presents a novel architecture combining multiple large language models and formal mathematical foundations to estimate zero-day risks without binary access, enhancing interpretability and energy efficiency.

Findings

High exposure increases zero-day likelihood predictions by 20-35%.

GPT-4o shows strongest cross-layer correlations and sensitivity.

Energy and divergence metrics predict elevated risk with p < 0.01.

Abstract

Securing Internet of Things (IoT) firmware remains difficult due to proprietary binaries, stripped symbols, heterogeneous architectures, and limited access to executable code. Existing analysis methods, such as static analysis, symbolic execution, and fuzzing, depend on binary visibility and functional emulation, making them unreliable when firmware is encrypted or inaccessible. To address this limitation, we propose a binary-free, architecture-agnostic solution that estimates the likelihood of conceptual zero-day vulnerabilities using only high-level descriptors. The approach integrates a tri-LLM reasoning architecture combining a LLaMA-based configuration interpreter, a DeepSeek-based structural abstraction analyzer, and a GPT-4o semantic fusion model. The solution also incorporates LLM computational signatures, including latency patterns, uncertainty markers, and reasoning depth indicators, as well as an energy-aware symbolic load model, to enhance interpretability and operational feasibility. In addition, we formally derive the mathematical foundations of the reasoning pipeline, establishing monotonicity, divergence, and energy-risk coupling properties that theoretically justify the model's behavior. Simulation-based evaluation reveals that high exposure conditions increase the predicted zero-day likelihood by 20 to 35 percent across models, with GPT-4o demonstrating the strongest cross-layer correlations and the highest sensitivity. Energy and divergence metrics significantly predict elevated risk (p < 0.01), reinforcing the effectiveness of the proposed reasoning framework.