Hello,
I fully understand that but I'd like to share some of my experience working on anti cheat measures in an open world game that I believe have a few things in common with ED, in particular reliance on peer to peer networking and giving a lot of authority to clients.
In the first installment of the franchise, we used what I'd call a "whack a mole" approach to anticheat.
We'd procure cheating tools that were sold for our games, figured out how they worked (most were standalone trainers built with cheateengine and I made a small tool to extract the .CENGINE file from them which I could then open in cheateengine. I could figure exactly which piece of code they were patching and in which way they changed it), and then figured how to prevent them from working anymore
We had an arsenal of tricks at our disposal, one of them was to wrap some values in such a way that they were crudely encrypted in memory, so that finding them with things like cheateengine wouldn't work. We did other things such as randomizing the location of pointers to singletons to try and defeat some tricks used to locate variables on the heap (that didn't have fixed addresses) by following pointers from static variables (which are at fixed addresses).
This approach was time consuming and not very effective. We'd spend days of work to analyze and block some cheats, it then took weeks for the patch to go live, and then only days again for cheaters to find new ways of cheating.
As you probably found out, just like we did, there isn't any way to prevent a process with sufficient privilege to read and write the memory of another process.
The only real way to block this is to proactively monitor other processes running on the computer to detect those getting a handle on your process. It's fraught with many pitfalls though, as many things have legitimate reasons to do so (drivers, overlays, antivirus software, etc), and cheating code could also be injected into such a legitimate process and work from there to avoid detection.
So, In the sequel of that game, we went for a completely different approach: we used a third party solution. We chose battlEye, and it works splendidly (It's certainly not the only viable solution, I'm not a BE sales rep). We have seemingly no cheating going on other than players exploiting bugs, which we can just fix.
Of course the downside is that these turnkey solutions are expensive. But if you are serious about cheating, you need to weight that cost against trying to develop anticheat solutions yourselves, especially considering that the whack a mole approach doesn't really work and that developing a solution similar to battlEye that monitors processes for suspicious activity towards ED, without creating problems for non cheaters, is really really hard.
I had a similar train of though but their might be some obstacles to overcome if they go that route:
1. You state you introduced BE in a sequel, but one "problem" I could see is whether FDEV can introduce the requirement of anticheat software for a game that has been released for several years without getting major backlash?
2. In every game that uses BE that I know of (I only really know a few select ones), you can actually refuse to install BE and connect to BattleEye free servers (with the risk of running into cheaters of course) or play in single player without BE. How would this work in Elite Dangerous?