Board: Announcements (Altcoins)
Topic: Re: [ANN] Ethereum: Welcome to the Beginning
Post by Vitalik Buterin on 14/07/2014, 13:01:18 UTC
Thank you Stephan!

Since the algo is cpu centric, is it possible for Ethereum to prevent a large botnet from taking a large share of the mining?

In the long term, I don't think botnets are an issue; they may prove an inconvenience to certain specific individuals, but it's very hard to see how one can get over 50% assuming a sufficiently strong network. In general, the reason why botnets are scary is that botnet activity tends to be directed toward anti-DDoS tasks, where the limiting variable is how many pings the network can do against a particular site or the number of IP addresses; because of this, only the number of nodes is relevant. In mining, however, it's not just the number that counts, it's also the hardware strength. With this in mind, note that the average "legitimate" miner has several advantages over the average botnet computer:

1. A botnet computer tends to get infected at least partially because it runs older and insecure OSes, e.g. Windows XP, implying the computer is old and therefore weaker
2. Miners are predominantly run by technically skilled people, whereas botnet computers are owned by technically unskilled people, once again implying that botnet computers are going to be weaker in raw CPU power than average
3. Miners don't care if their mining takes up 100% CPU power, whereas botnet computers will need to cap to a fairly low percentage to avoid getting caught
4. (3) will eventually include during the night, because antivirus software will adapt to detect high CPU usage as a warning sign

Now, in the short term, it's a somewhat different question, since antiviruses have not fully adapted to the existence of malicious miners and the network is also fairly weak in the big scale, so 1000000 * 0.1 can still overwhelm it. However, in the short term it's not really avoidable; even if we make it ASIC-friendly, no matter what algo we use, it will take a while for it to get ASIC'd (and if we use SHA256 then we make ourselves vulnerable to Bitcoin mining pools, and if we use Scrypt then we make ourselves vulnerable to that one guy in China who is producing 50% of Litecoin hashpower), so I would submit that it's an empirical question to what degree botnets at that stage are a problem. Existing history seems to suggest that while botnets can earn a moderate amount of income, there aren't too many examples of them trying 51% attacks.

Finally, if it is deemed a problem, there is a chance our algo will be GPUable in any case (it may be a necessary sacrifice to accomplish very high levels of ASIC resistance), in which case bots would not be a problem at all.