The article describes a method for restoring the structure of network traffic with zero prior knowledge. The importance of the problem is explained (government authorities' requirements and recent incidents in the field of information security), and a brief description of existing approaches is given. The general architecture of the proposed method, which is based on the authors' previous research [5], is described. Incoming packets are divided into groups according to the format of the transmitted data; for each group, the presence of a field boundary is predicted for each offset inside the packet. Groups of packets with a prediction confidence value lower than the specified one are processed by a method that works with variable-length fields using ideas from genetic algorithms: mutations are selected iteratively for a set of proposed boundaries, a quality metric is calculated for each mutation, and the best mutations are carried over to the next step.
Original language: English
Title of host publication: Proceedings - 2023 IEEE Ural-Siberian Conference on Biomedical Engineering, Radioelectronics and Information Technology, USBEREIT 2023
Subtitle of host publication: book
Publisher: Institute of Electrical and Electronics Engineers Inc.
Pages: 324-327
Number of pages: 4
ISBN (Electronic): 979-835033605-4
Publication status: Published - 15 May 2023
Event: 2023 IEEE Ural-Siberian Conference on Biomedical Engineering, Radioelectronics and Information Technology (USBEREIT) - Yekaterinburg, Russian Federation
Duration: 15 May 2023 to 17 May 2023

ID: 41989256