Abstract: Botnet is one of the most active threats on the Internet today. Fast-flux technique is a popular way employed by botnet to evade detection. In this paper, we used data mining techniques to detect the fast-flux botnets. By analyzing the patterns of the Domain Name System (DNS) queries from the fast-flux botnets, we extract six features for constructing the weighted Support Vector Machine (SVM) in order to distinguish the normal network domain access from the fast-flux botnet domain access. The evaluation suggested that the approach is effective in detecting the fast-flux botnets.