HAIC Talk: On the security of eBPF Linux kernel extensions— with Riccardo Sisto

HAIC talk
The HAIC public outreach initiative aims to make cybersecurity more accessible to a broader audience. As part of this initiative, are organizing HAIC Talks, a series of public lectures on contemporary topics in cybersecurity. In the style of studia generalia, these lectures are free and open to everyone. No background knowledge in cybersecurity is required. HAIC Talks are made possible through the generous support of the Aalto University School of Science.

When

Where

Onsite
Riccardo Sisto
Riccardo Sisto

October 20, 2025: On the security of eBPF Linux kernel extensions— with Riccardo Sisto

Lecture description: eBPF is a very powerful new technology that is revolutionising the approach to system operations, such as system and network monitoring and security enforcement. Since it is based on enabling the execution of user-provided code in the kernel, the flexibility and performance advantages it provides come with a price in terms of security risk. Even though eBPF was endowed with security mechanisms designed to counter the main possible threats, such mechanisms are far from perfect and have their own vulnerabilities.

The purpose of this talk is to present the main security issues of eBPF, including attack surfaces and countermeasures, and to discuss the underlying risks and future trends. The talk is based on studies done within the Elastic EU Project.

About the speaker: Riccardo Sisto is a Full professor at the Turin Polytechnic, Italy, in the Department of Control and Computer Engineering, where he leads the Netgroup, a research group focusing on the study of networking-related technologies.

Riccardo Sisto holds a Master’s degree in Computer Engineering and a PhD in System and Computer Engineering, both received from the Turin Polytechnic.

Riccardo Sisto’s current research focuses on formal methods applied to distributed systems, networks, and cybersecurity. His main contributions in the cybersecurity area refer to network security automation and security protocol verification. He is the author or co-author of more than 150 peer-reviewed publications. He was awarded 2 research grants from Cisco Systems, and he has been involved in several EU-funded research projects.

At the Turin Polytechnic, Riccardo Sisto is a teacher of courses on Distributed Systems Programming, Formal Languages and Compilers, and Security Verification and Testing in the Master’s Degrees in Computer Engineering and Cybersecurity.

Time: 20.10.2025 at 16:00 – 17:30 (coffee and buns served from 15:30). The lecture will be approximately 60 minutes, after which there will be time for questions.

Venue: Lumituuli auditorium, Dipoli, Aalto University (Otakaari 24, Espoo).

Registration: The event is open to all and free of charge but we ask you to register for the event as it will help us to estimate the number of coffee ordered, thank you!

  • Updated:
  • Published:
Share
URL copied!