Faculté des Sciences appliquées
Faculté des Sciences appliquées

Lightweight Middlebox TCP

Gaillard, Romain ULiège
Promotor(s) : Mathy, Laurent ULiège
Date of defense : 8-Sep-2016/9-Sep-2016 • Permalink :
Title : Lightweight Middlebox TCP
Author : Gaillard, Romain ULiège
Date of defense  : 8-Sep-2016/9-Sep-2016
Advisor(s) : Mathy, Laurent ULiège
Committee's member(s) : Leduc, Guy ULiège
Barbette, Tom ULiège
Boigelot, Bernard ULiège
Language : English
Number of pages : 72
Keywords : [en] middlebox
[en] tcp
[en] network
Discipline(s) : Engineering, computing & technology > Computer science
Institution(s) : Université de Liège, Liège, Belgique
Degree: Master en sciences informatiques, à finalité approfondie
Faculty: Master thesis of the Faculté des Sciences appliquées


[en] Nowadays, middleboxes are important actors of the Internet and they are used in many contexts such as network address translation, firewalls, load balancers, and intrusion detection systems, among others. Consequently, their implementation can have a great impact on the performance of networks and it is thus crucial to ensure that they do not become bottlenecks.

The objective of this work is to develop a lightweight and middlebox-oriented TCP stack that takes into account the specificities of the context in which middleboxes work in order to provide them with the ability to inspect and modify the traffic, as well as inject packets. All of this on the fly. This manuscript first describes the architecture of the developed framework, listing its components and functionalities, and how to use them to create middleboxes.

We then continue by providing information about the development and the design of the framework, describing the underlying data structures. In addition, we detail the algorithms at the heart of the TCP stack as well as the corresponding time complexities and we explain why they are important to achieve our goals.

The results indicate that it is possible to use this framework to implement a middlebox that performs deep packet inspection with a small and constant overhead. On the other hand, when the middlebox starts modifying the flows, the overhead becomes linear regarding the size of the content. We show that the modularity of the framework we developed allows the users to mitigate the induced overhead by selecting only the features they need.

Finally, we list some elements that could not be implemented in this work, proposing some improvements to the present work that could be made in the future in order to extend it.



Access masters_thesis_romain_gaillard.pdf
Size: 3.03 MB
Format: Adobe PDF


Size: 3.63 MB
Format: Unknown


  • Gaillard, Romain ULiège Université de Liège > Master sc. informatiques, fin. appr. (ex 2e master)


Committee's member(s)

  • Leduc, Guy ULiège Université de Liège - ULg > Dép. d'électric., électron. et informat. (Inst.Montefiore) > Réseaux informatiques
    ORBi View his publications on ORBi
  • Barbette, Tom ULiège Université de Liège - ULg > Dép. d'électric., électron. et informat. (Inst.Montefiore) > Systèmes informatiques répartis et sécurité
    ORBi View his publications on ORBi
  • Boigelot, Bernard ULiège Université de Liège - ULg > Dép. d'électric., électron. et informat. (Inst.Montefiore) > Informatique
    ORBi View his publications on ORBi
  • Total number of views 153
  • Total number of downloads 483

All documents available on MatheO are protected by copyright and subject to the usual rules for fair use.
The University of Liège does not guarantee the scientific quality of these students' works or the accuracy of all the information they contain.