It should be - if a server firehose streams all players' network data to an analysis thing, it should be able to detect patterns of impossible accuracy and response time, even though there is some margin for error due to e.g. lag and packet loss (iirc intentional lag / packet loss are some strategies cheaters use to obfuscate things like aimbots, e.g. generating movements that shoot someone in the head but holding them back for a second or so so that in theory a competent player could have done the required motions within a second instead of 1/100th thereof)
Without kernel level anti cheat you can detect (some) other usermode cheats, but not kernel level cheats. With kernel level anticheat, you can detect the vast majority of other kernel level cheats. Vanguard is effective enough that most successful cheaters are using external devices and DMA to bypass the kernel altogether (or they just use Macs because Apple doesn't allow Vanguard). And despite Riot's insistence to the contrary, they have not "detected" DMA cheats.
Advanced DMA/IOMMU attacks are hard, soft and firmware specific.
In order to detect it, you'll have to do a ton of very expensive work all the while you risk destroying the customers soft, firm and hardware.
Good luck explaining the judge what you did.