Hanlon's razor states "never attribute to malice that which is adequately explained by stupidity". Its corollary could be expressed as “always be smart to cope with that is due to malice.”

Marc Dacier is a full professor of Computer Science (CS) and a member of the Resilience Computing and Cybersecurity research Center (RC3) at King Abdullah University of Sciences and Technology, Saudi Arabia. He is leading the SeRBER group which stands for "Security Research Bearing Experimental Results". 

Dr. Dacier obtained his Ph.D. from INPT in 1994 from his work done at LAAS, CNRS, in Toulouse (France). Since then, he has had a balanced career between industry and academia. After his thesis, he worked for one year as a security consultant in Paris, France, for France Telecom and the French ministry of interior. In 1996, he joined IBM Research in Zurich (Switzerland) to create the Global Security Analysis Laboratory (GSAL). In 2002, he became a professor at Eurecom. In 2008, he joined Symantec to build its European Research Labs. Later, he spent two years in the USA to manage all the collaborative research projects, worldwide. In that role, he was in charge of teams in France, Ireland, and in the United States. He was also the university relationship manager for Symantec Research Labs, worldwide. In 2014, he became the director of the cybersecurity research group at QCRI, in Qatar, where he lived for 3 years. In October 2017, Dr. Dacier came back to EURECOM to become the head of the Digital Security department and a full professor. An internationally recognized expert in cybersecurity, Dr. Dacier has served on more than 120 program committees of all major security and dependability conferences and as a member of the editorial board of several top-tier technical peer-reviewed journals.

Education and early career

Before joining KAUST, Dr. Dacier worked as a full professor and department head of the digital security group at Eurecom. He holds a Ph.D. degree in computer science, European Label, from the Institut National Polytechnique de Toulouse (INPT), France.

Areas of expertise and current scientific interests

Intrusion detection, intrusion tolerance, network security, cybersecurity, threat intelligence, fraud detection.

Career Recognition

  • IBM Outstanding Technical Achievement Award
  • In 2005, he received the IBM Faculty Award.
  • In 2018, he received a Community Service Award for having served for 20 years as chair of the RAID symposium steering committee.

Selected Research Highlights

Dr. Dacier has created the RAID conference in 1998 which is now one of the main security conferences (class A conference in CORE ranking) RAID stands now for Research in Attacks, Intrusions, and Defenses but initially was Recent Advances in Intrusion Detection.

At IBM, his team produced the very first to market product for intrusion detection alerts correlation. Such a platform is now part of every enterprise under the name SIEM or SOC (Security Information Events Management or Security Operation Center).

At Symantec, his team built an open platform aiming at sharing operational security data collected by Symantec with researchers from all around the world to promote the reproducibility of security experiments. The platform was called WINE (Worldwide Intelligent Network Environment) and led to numerous publications by several university research teams in top security conferences.


  • Building 4, Level 3, seaside, office 3234.

Education Profile

  • Ph.D, 1994, INPT, Toulouse, France
  • Master in computer sciences (Degree of Ingénieur Civil en Informatique), 1989, University of Louvain, Belgium.


  • Methods to identify malicious web domain names thanks to their dynamics, I. Khalil, T. Yu, M. Dacier, US Patent 10,681,070, 2020, Published June 9, 2020.

  • Detecting a hijacked network address, P.A Vervier, M. Dacier, O. Thonnard, US Patent 9,654,504, 2017, Published May 16, 2017.

  • Heuristics-based protocol labeling for industrial control systems, C. Leita, M. Dacier, US Patent 9384066, Published July 5, 2016.

  • Systems and methods for performing Internet site security analyses, C. Leita, M. Dacier, US Patent 9161249, Published October 13, 2015.

  • Systems and methods for neutralizing file-format-specific exploits included within files contained within electronic communications, C. Nachenberg, F. Guo, S. Nanda, S. Bhatkar, D. Shou, M. Dacier, US Patent 9009459, Published April 14, 2015.

  • Method, computer program element and a system for processing alarms triggered by a monitoring system, M. Dacier, K. Julisch, US Patent 7,437,762 (US 20030101260A1) – Published: 2003-06-12 / Filed: 2002-11-1, International Business Machines Corporation, Armonk, NY.

  • Detection of intrusions containing overlapping reachabilities, M. Dacier, P. Scotton, US Patent US6487204 – Published: 2002-11-26 / Filed: 1999-05-12, International Business Machines Corporation, Armonk, NY. 

Research Group

Dr. Dacier leads the so called SeRBER research group, which stands for Security Research Bearing Experimental Results.


The perspective of participating in an emerging research center and discipline in a place as renowned as KAUST was really hard to resist.