
Applying Frequency Analysis to Uncover Bot Connection and Communication Behavior

Frequency Analysis to Discover Botnet Beacon Communication Behavior

Advisor: 賴錦慧

Abstract


In recent years, the botnet threat has continued to grow as a priority for organizations of all sizes. The malware that drives botnets is increasingly sophisticated and its communication behavior ever less conspicuous, so botnets are becoming harder to find. This thesis introduces image-based analysis of network traffic as a framework for detecting the communication behavior of malware hidden on the Internet. In this research we use a set of methods to condense traffic into images and then apply a machine-learning algorithm to compare the traffic data and discover beacon behavior, a key characteristic of software that communicates automatically. Because malware on an infected device periodically reports to its command-and-control (C&C) server, which requires sustained connections, the idea proposed here is to collect traffic and use a convolutional neural network, an automatic learning algorithm, to find the beacon phenomenon in network traffic. The study proposes an analytical framework for validation that considers various beacon rates across different time windows. On both experimental and real-world data, the results confirm that the model delivers significant performance and accuracy; expert validation also found, after cross-checking the results produced from the experimental data against related analysis records, that some IPs belonged to a highly dangerous risk level. Analysis of data from a real environment likewise directly revealed malicious beacon behavior in some malicious programs.

English Abstract


Botnet threats have continued to be a growing priority for organizations of all sizes in recent years. The malware that drives a botnet is sophisticated, and its communication behavior is inconspicuous. This paper introduces Visualize Intelligence and Temporal Analysis of network traffic as a framework for identifying malware behavior hidden on the Internet. In this research, we condense traffic into a graphic and then apply a machine-learning algorithm to locate the behavior of beacon (BoB), a vital indication of auto-communication software. Since the malware within a compromised device reports periodically to its Command & Control (C&C) server, the purpose of this research is to collect traffic flows and discover the BoB with auto-learning algorithms such as Artificial Neural Networks. Our study confirms that this framework model has exceptional performance and accuracy, and it pinpointed live beacons during investigation. Our study presents an analytical framework that takes into account the various beacon rates during different time periods. Extensive experimental results validate that the framework performs significantly well.
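As an added illustration, not code from the thesis (which renders traffic as images and classifies them with a neural network), the Python script below scores the regularity of per-(src, dst) connection intervals inside fixed time windows, the simplest form of the periodicity analysis the abstract describes. The flow records, addresses, window size and thresholds are constructed for the example.

```python
import random
from collections import defaultdict
from statistics import median

# Constructed sample flows: (timestamp in seconds, src, dst). Addresses are
# documentation ranges; none of this data comes from the thesis.
def make_flows(seed=1):
    rng = random.Random(seed)
    flows = []
    # Simulated beacon: one connection about every 60 s with +/-2 s jitter.
    t = 0.0
    while t < 3600:
        flows.append((t, "10.0.0.5", "203.0.113.7"))
        t += 60 + rng.uniform(-2, 2)
    # Simulated benign browsing: 60 connections at random times in the hour.
    for _ in range(60):
        flows.append((rng.uniform(0, 3600), "10.0.0.9", "198.51.100.2"))
    return sorted(flows)

def beacon_score(timestamps, tolerance=0.10):
    """Estimate the beacon period and how regular the connections are.

    Returns (period, regularity): period is the median inter-arrival gap,
    regularity is the fraction of gaps within +/-tolerance of that median.
    Fewer than 3 events cannot show a rhythm, so they score 0.
    """
    ts = sorted(timestamps)
    gaps = [b - a for a, b in zip(ts, ts[1:])]
    if len(gaps) < 2:
        return (None, 0.0)
    period = median(gaps)
    if period <= 0:
        return (None, 0.0)
    hits = sum(1 for g in gaps if abs(g - period) <= tolerance * period)
    return (period, hits / len(gaps))

def score_pairs(flows, window=3600, threshold=0.8):
    """Score every (src, dst) pair inside each time window of `window` seconds.

    Returns {(window_index, src, dst): (period, regularity, is_beacon)}.
    """
    by_key = defaultdict(list)
    for t, src, dst in flows:
        by_key[(int(t // window), src, dst)].append(t)
    results = {}
    for key, ts in by_key.items():
        period, regularity = beacon_score(ts)
        results[key] = (period, regularity, regularity >= threshold)
    return results

if __name__ == "__main__":
    for key, (period, reg, flagged) in sorted(score_pairs(make_flows()).items()):
        print(key, f"period={period}", f"regularity={reg:.2f}", "BEACON" if flagged else "")
```

Beacons with heavier jitter or deliberately randomized sleep intervals lower the regularity score, which is why the thesis evaluates several beacon rates over different time windows rather than a single fixed tolerance.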
