Botnets are a major threat of the current Internet. Understanding the novel generation of botnets relying on peer-to-peer networks is crucial for mitigating this threat. Nowadays, botnet traffic is mixed with a huge volume of benign traffic due to almost ubiquitous high speed networks. Such networks can be monitored using IP flow records but their forensic analysis form the major computational bottleneck. We propose in this paper a distributed computing framework that leverages a host dependency model and an adapted PageRank algorithm. We report experimental results from an open-source based Hadoop cluster and highlight the performance benefits when using real network traces from an Internet operator.