(IJACSA) International Journal of Advanced Computer Science and Applications, Vol. 11, No. 6, 2020 A Review on Honeypot-based Botnet Detection Models for Smart Factory Lee Seungjin 1 , Azween Abdullah 2 , NZ Jhanjhi 3 School of Computer Science and Engineering (SCE) Taylor’s University Subang Jaya, Selangor, Malaysia Abstract—Since the Swiss Davos Forum in January 2017, the most searched keywords related to the Fourth Revolutionary Industry are AI technology, big data, and IoT. In particular, the manufacturing industry seeks to advance information and communication technology (ICT) to build a smart factory that integrates the management of production processes, safety, procurement, and logistics services. Such smart factories can effectively solve the problem of frequent occurrences of accidents and high fault rates. An increasing number of cases happening in smart factories due to botnet DDoS attacks have been reported in recent times. Hence, the Internet of Thing security is of paramount importance in this emerging field of network security improvement. In response to the cyberattacks, smart factory security needs to gain its defending ability against botnet. Various security solutions have been proposed as solutions. However, those emerging approaches to IoT security are yet to effectively deal with IoT malware, also known as Zero-day Attacks. Botnet detection using honeypot has been recently studied in a few researches and shows its potential to detect Botnet in some applications effectively. Detecting botnet by honeypot is a detection method in which a resource is intentionally created within a network as a trap to attract botnet attackers with the purpose of closely monitoring and obtaining their behaviors. By doing this, the tracked contents are recorded in a log file. It is then used for analysis by machine learning. As a result, responding actions are generated to act against the botnet attack. In this work, a review of literature looks insight into two main areas, i.e. 1) Botnet and its severity in cybersecurity, 2) Botnet attacks on a smart factory and the potential of the honeypot approach as an effective solution. Notably, a comparative analysis of the effectiveness of honeypot detection in various applications is accomplished and the application of honey in the smart factories is reviewed. Keywords—IoT; smart factory; honeypot; Botnets; detection; security; model I. INTRODUCTION Smart plant strategies are being pushed forward to innovate global manufacturing competitiveness. Germany is undergoing the Industry 4.0 process. It builds manufacturing into an automatic production system through the Internet of Things, Initiated in China 2025 in China, Terrain Manufacturing System in Japan and Seoul is pushing for Manufacturing Innovation 3.0 [1]. Smart factories in the era of the Fourth Industrial Revolution refer to consumer-oriented intelligent factories that incorporate digital new technologies and manufacturing technologies beyond the current level of factory automation (FA). It can produce a variety of products from one production line and is expected to change from mass customization to flexible production systems through modularization. It is possible to save energy by changing from a person-centered working environment to an ICT-oriented one, and it is expected that the productivity of the manufacturing industry will increase [2], Various possibilities for the transition to smart factories are recognized. It is predicted that it will be able to monitor and control manufacturing sites via virtual space, making it easier to manage factories. It will enhance competitiveness in quality and cost [3]. Smart factories are closely linked to data by application of the latest ICT technologies such as AI, Blockchain and hyper-automation, Augmentation as well as IoT as shown in Fig. 1. Based on that, production processes are controlled on their own, making the industrial control system (ICS, Industrial Control System) more complex and advanced than the ordinary systems. However, due to the complexity of the system and the application of new technologies, the advancement in smart factories raises the risk of new security threats that have not occurred earlier. Specifically, the number of attacks on actual cyber vulnerabilities has increased sharply in recent years on physical equipment and software in power generation, energy, and manufacturing [5]. Fig. 1. Smart Factory Function Requirements[4]. 418 | Page www.ijacsa.thesai.org