Network covert timing channel is a highly concealed method of information leakage. As the main communication method of APT attack, it poses a great threat to network security. The current detection methods for covert channel are insufficient generality, have high false detection rate, and manual extraction of features is time-consuming. This paper proposes a detection method based on grayscale image transformation. This method normalizes the inter-arrival time sequence of packets, and converts them into pixel values, and then converts into a grayscale image, thereby transforming a problem of one-dimensional sequence classification into a problem of two-dimensional image classification. The authors use the Convolutional Neural Networks to automatically acquire image features, and use the Convolutional Block Attention Module to optimize the feature adaptively from two dimensions of space and channel. The authors train the network with the data set composed of legitimate traffic and covert channel traffic, and the obtained binary classifier can be used to judge whether the detected traffic is covert timing channel traffic. Finally, the proposed approach is compared with the four existing detection methods. The experimental results show that the proposed method has higher precision and recall rate, and the proposed model has better generality and lower false detection rate.