网络隐蔽信道是在网络环境下违反通信限制规则进行隐蔽信息传输的信息通道，为网络信息安全带来了新的挑战，也为数据传输的安全性和隐私性带来了新的研究方向.首先介绍了网络隐蔽信道的定义、分类、能力维度等基本概念；进而从码元设计、信息编码和信道优化这3个方面归纳分析了存储型和时间型两类网络隐蔽信道的构建技术，从隐蔽性、鲁棒性和传输效率这3个方面总结了网络隐蔽信道评估方法，从消除、限制、检测这3个方面梳理了网络隐蔽信道的对抗技术；最后，对未来的研究方向进行了展望.

Network covert channel is the information channel that carries on covert information transmission in violation of the communication restriction rules under the network environment. It brings new challenges to the network information security and provides new research point for ensuring the security and privacy of data transmission. Firstly, the basic concepts of network covert channel are introduced, such as definition, classification, capability dimension. Then, network covert storage channel and network covert timing channel construction technologies are sorted out from three aspects of symbol design, information coding and channel optimization. Then the evaluation methods of network covert channel are summarized from three aspects of covertness, robustness, and transmission efficiency. Furthermore, the countermeasure technology of network covert channel is sorted from three aspects of elimination, restriction, and detection. Finally, some future research directions are prospected.

TP393

国家重点研发计划（2016QY01W0200）；国家自然科学基金（61772507）；广东省省级科技计划（2017B050506002）；羊城创新创业领军人才支持计划（2016008）；广州市科技计划（201802020015）