Abstract: With the growth of botnets, detecting and preventing botnet attacks has become an important task in network security research. Existing studies rarely consider the timing patterns of botnet traffic, so they are ineffective for real-time botnet detection and cannot detect unknown botnets. To tackle these problems, this study proposes a flow-summary-based botnet detection method. First, the network flow data is aggregated by source host IP, and a flow summary record is generated for each host within a given time window. Then, decision tree, random forest, and XGBoost classification models are trained on these records to validate the performance of the method. Experimental results on the CTU-13 dataset show that the proposed method effectively detects botnet traffic, including traffic from botnets not seen during training. With the help of Spark, the method can also meet the speed requirements of real-time detection in practical deployments.
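The aggregation step described above, as an added example that is not the paper's code: flows are keyed by (source IP, time window) and each group is reduced to one summary record that a tree-based classifier can consume. The 60-second window, the flow fields, and the particular summary features are assumptions; the abstract does not state the paper's feature set.

```python
from collections import defaultdict
from dataclasses import dataclass

WINDOW_SECONDS = 60.0  # time-window length; assumed, the abstract gives no value

@dataclass
class Flow:  # one NetFlow-style flow record; this field set is assumed
    ts: float        # flow start time, seconds
    src: str         # source host IP, the aggregation key
    dst: str
    dport: int
    proto: str
    duration: float
    nbytes: int
    npkts: int

# Constructed sample input: two source hosts observed over about 70 seconds.
SAMPLE_FLOWS = [
    Flow(1.0, "10.0.0.5", "203.0.113.10", 25, "tcp", 0.2, 120, 2),
    Flow(5.0, "10.0.0.5", "203.0.113.11", 25, "tcp", 0.3, 130, 2),
    Flow(9.0, "10.0.0.5", "203.0.113.12", 25, "tcp", 0.1, 110, 1),
    Flow(30.0, "10.0.0.5", "203.0.113.13", 6667, "tcp", 5.0, 800, 12),
    Flow(70.0, "10.0.0.5", "203.0.113.14", 25, "tcp", 0.2, 120, 2),
    Flow(2.0, "10.0.0.7", "198.51.100.2", 443, "tcp", 12.0, 50000, 80),
    Flow(40.0, "10.0.0.7", "198.51.100.2", 443, "udp", 0.5, 400, 4),
]

FEATURES = ["n_flows", "n_dst", "n_dport", "tcp_ratio", "bytes_total", "avg_duration", "short_flow_ratio"]
def summarize(flows, window=WINDOW_SECONDS):
    """Group flows by (source IP, time window) and emit one summary record per group."""
    groups = defaultdict(list)
    for f in flows:
        groups[(f.src, int(f.ts // window))].append(f)
    records = []
    for (src, idx), fs in sorted(groups.items()):
        n = len(fs)
        records.append({
            "src": src, "window_start": idx * window, "n_flows": n,
            "n_dst": len({f.dst for f in fs}),      # destination fan-out in the window
            "n_dport": len({f.dport for f in fs}),
            "tcp_ratio": sum(f.proto == "tcp" for f in fs) / n,
            "bytes_total": sum(f.nbytes for f in fs),
            "avg_duration": sum(f.duration for f in fs) / n,
            "short_flow_ratio": sum(f.npkts <= 2 for f in fs) / n,  # flows of at most 2 packets
        })
    return records

def feature_vector(record):  # fixed-order numeric row for a tree-based classifier
    return [float(record[k]) for k in FEATURES]
```

In a streaming deployment the same grouping runs per arriving window, so a record for a host is available as soon as its window closes rather than after the whole capture is processed.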