Hardware-Assisted EDR for Kernel-Level Attack Defense

This presentation explores hardware-assisted out-of-band EDR solutions to address software-based vulnerabilities and kernel-level attack risks. It introduces a new approach using PCIe-based DMA for agentless memory inspection, offering OS-independent operation. Key highlights include FPGA integration, experimental findings showing 100% detection success, and analysis of trade-offs like latency. The session concludes with future directions on improving detection efficiency and proactive defenses.