Memory-safe TCP stream reassembly (with Rust)

DegreeBachelor / Master
Supervisor(s)Maximilian Hils, MSc


Have you ever tried to reassemble a large number of TCP streams, but were unsure whether those reassembled streams are correct? No? Well, we have, and so have other researchers.

In this project you will be comparing a number of TCP stream reassembly libraries between each other for consistency, and tshark, which is the terminal interface of wireshark, arguably the “gold standard” of network traffic capture. For these tools you will build an (ideally automated) evaluation framework for TCP reassembly libraries. We are interested in whether there are notable differences between existing libraries, and to tshark. Setting up a well organized and (ideally automated) comparison framework provides an important and tangible benefit to open source developers, and makes for a great bachelor’s thesis.

If you want to go beyond that, or are looking for a master’s thesis, look no further. Using the awesome, fully automated, easy to reuse evalution framework you built with the awesome skills you picked up in your degree, you will build a NEW and CORRECT (at least consistent with existing implementations) TCP reassembly library in a memory safe language, ideally Rust.

What is that? This is still not ambitious enough for you? Okay, then feel free to add Python bindings to your awesome library. This helps even duck typing Python developers to know that at least their underlying TCP library does what it’s supposed to do. Your use of a programming language with included safety features and the well organized unit and integration tests will result in an awesome and hopefully widely used library.


  • Pratomo, B.A., Burnap, P., and Theodorakopoulos, G. Unsupervised Approach for Detecting Low Rate Attacks on Network Traffic with Autoencoder. In International Conference on Cyber Security and Protection of Digital Services (Cyber Security). 2018.