“…Till now, many fields in the TCP/IP suite of protocols have been revealed to hide information, including IP checksum, IP TTL, TCP initial sequence number, IP timestamp, etc. Accordingly, a series of encoding schemes are introduced to hide the information into these fields, and kinds of covert storage channels (Zander et al, 2007b;Abad, 2001;Giffin et al, 2002;Sohn et al, 2003a) have been introduced. In network covert timing channels, the transmission time of the media packets is used to carry information.…”