Many malicious networks use the DNS domain names to protect their networks. One of the techniques is the fast-flux, which maps many IP addresses to a domain name and uses recruited hosts to redirect users' requests. Fast-flux is powerful in concealing the malicious networks, thus it is widely used by attackers. Although diverse approaches have been proposed to detect the fast-flux domain names, they still suffer from limitations like either having heavy computations or be easy to be noticed by attackers. According to our research, the IP addresses of the fast-flux domain name are unstable. In this paper, we design a metric called domain score to measure the IP fluctuation. Meanwhile, we consider the feature of the domain name itself. A system called FluDD is proposed to detect the fast-flux domain name with DGA (Domain Generation Algorithm). Experimental results show that FluDD can achieve good performance and the true positive rate reaches to 99.6% and the minimal false positive rate is 0.