Direct Memory Access Everywhere

Name: Direct Memory Access Everywhere
Description: Direct Memory Access (DMA) attacks have been a fixture in hardware security research for decades. The threat model is straightforward in principle: an attacker who gains physical access to an exposed

Joe FitzPatrick, Grace Parrish

DEF CON 33 · Day 3 · Main Stage

Direct Memory Access (DMA) attacks have been a fixture in hardware security research for decades. The threat model is straightforward in principle: an attacker who gains physical access to an exposed

AI review

Joe FitzPatrick and Grace Parrish introduce Epic Erebus, a new open-source PCIe tool providing full Transaction Layer Packet control for DMA attack testing and IOMMU validation, intended to make DMA penetration testing accessible without deep FPGA development expertise. Situates the tool in the context of a persistent DMA attack surface that decades of awareness and mitigations have failed to close.