Abstract: In face of confirming user communication relationship in anonymous network, tracing botmaster and detecting stepping stones, traditional intrusion detection and flow correlation methods which mainly rely on passive traffic analysis have shown many drawbacks obviously, such as high space costs, poor real-time, low accuracy, poor flexibility, fail in dealing with encrypted traffic and so on. However, the active network flow watermark(ANFW) which combined the idea of digital watermarking and active traffic analysis can overcome the drawbacks above effectively. ANFW has aroused extensive attention of scholars at home and abroad. Firstly, the general model of ANFW is presented, and the classification of existing proposals and roles involved in ANFW are summarized. Then, several representative ANFW approaches using distinct network flow characteristics are presented and compared in detail. Finally, threats against existing ANFW technology and their corresponding countermeasures are overviewed, also some future research directions about ANFW are discussed.