This paper discusses how intrusion detection systems work. After getting a solid understanding of the working mechanism of IDS, they discuss how packet reassembly works and then moves forward to look into different policy implemented for packet reassembly where it is dependent on the operating system implementation of the RFC.
You can download it from the following link: https://packetstormsecurity.com/files/download/159482/overlapping-ipfragments.pdf
Source: https://packetstormsecurity.com/files/159482/Packet-Reassembly-And-Overlapping-IP-Fragments.html