Antivirus and cyber security systems used for computers are software-based.
Today, cyber espionage can be done not only with codes and programs, but also on hardware.
It is possible to spy directly on the hardware, bypassing the operating system and antivirus by loading harmful codes into the firmware on the chips of the hardware.
While it is possible to clean the malicious rootkits infecting the UEFI / BIOS firmware and Harddisk firmware of the computer by reinstalling the original firmware of the hardware manufacturer, the firmware of the chips in the other hardware of the computer (keyboard, mouse, mouse, usb controller, camera, microphone, video card, PCI slots and other hardware) It is not possible for ordinary people to detect and clean rootkits infected with the rootkit.
For this reason, a special operating system or special system software is required to detect rootkits that infect the firmware of chips in other hardware.
This system and operating system can detect by examining the signals given by other hardware to the system and by examining the operation of the firmware on the hardware chip, if possible, by examining its digital signature.
You can claim that the Sniffer and Monitor programs on the market can do this function. But these programs can examine as much as the operating system they are running gives them.
Therefore, a different system or operating system is required in this regard. Apart from this, "hardware antivirus" can be developed as an alternative to software antivirus and software cyber security systems.
Security software is usually installed on the operating system, the operating system kernel and, if necessary, the motherboard bios/uefi section. Alternatively, a "hardware antivirus" with a different motherboard and processor can be placed inside the existing computer case, regardless of the computer used.
The difference of this "hardware antivirus" from IDS, IPS and External Firewalls is that it can directly connect to the computer's memory, hard disk and network paths with a physical cable or implant, and physically control the computer system, ensuring the security of the computer regardless of the current operating system and motherboard.
This "hardware antivirus" can physically monitor the computer's input and output ports, stopping hard-to-detect BadUSB and NSA ANT tool attacks.