Nowadays, botnets is one of the biggest challenges in cyber security. Various detection mechanisms have been proposed. Especially, research communities use machine learning algorithms as the major tool to detect botnets because of their advantages. The popular model is the combination of unsupervised learning to categorize network traffic into some groups with similar features, and apply classification to detect botnet traffic. Although the hybrid approach has been proposed, there is no study to clarify what combination achieves the best detection performance. Therefore, in this paper, we make a comparison of which clustering method is better in such kind of botnet detection hybrid models.