Measured where? At the router or at your computer?
If the activity is at your computer, have you tried to monitor what is
generating the traffic and to where it is going? SysInternals' TCPview
will show you what processes have connections. You can probably
configured it to hide unconnected endpoints (they have unbound yet).
Nirsoft has their SmartSniff and SocketSniff utilities to let you know
what network traffic is received or sent from your computer.
SocketSniff lets you monitor the network traffic for a selected process,
so use TCPview to see which processes have network connections to then
choose one, or more, to monitor with SocketSniff. SmartSniff is a
packet sniffer that lets you monitor all your network traffic. Another
popular packet sniffer is Wireshark. There are lots of network monitor
utilities available at the download sites (download.com, softpedia.com).
If your router has logging, you could turn it on to see to where all
your intranet hosts are connecting. Have you enabled the security
settings inside the router to make sure your neighbors or roaming
hackers are not using your router? "Linksys 4-port router" tells no one
what you actually have. That does not specify a particular model for
anyone, including you, to go read its online manual to find out what
security features it provides.
Do you have UPnP service enabled (http://en.wikipedia.org/wiki/Upnp)?
Is SSDP (http://en.wikipedia.org/wiki/Simple_Service_Discovery_Protocol)
service disabled? If not, why not? What hosts or network nodes do you
have that actually support it? What hardware, if any, have you added in
the last few days?
How many wifi nodes, if any, are in your intranet? If none, did you
leave the Wireless Zero Configuration service enabled? For info, see
http://en.wikipedia.org/wiki/Wireless_Zero_Configuration. Do you even
need it if you do have wireless nodes?