You can use VPC Flow Logs to find out where this traffic is coming from. Here is a workshop that walks through setting this up, VPC Flow logs Analysis using Amazon Elasticsearch Service.
You may also want to turn on GuardDuty to detect any threats. GuardDuty also analyzes your VPC Flow Logs as a data source.
How to get traffic from a public API Gateway to a private one?Accepted Answerasked 5 months ago
Using CloudWatch for traffic monitoring on EBSasked 5 months ago
Routing network traffic between two EC2 instances in the same subnet to a firewall appliance in another VPCAccepted Answerasked 10 months ago
how can i identify traffic that goes to the kinesis video serviceasked 2 months ago
How to monitor traffic. May be life traffic monitoring?asked 20 days ago
Routing internal and external traffic using the same public subdomain nameasked 10 months ago
Traffic Mirroring - Seeing significant NetworkPacketsSkipMirrorIn and NetworkPacketsSkipMirrorOut counts in CloudWatch at fairly low network rates.asked a year ago
High-Traffic, Load-Balanced Wordpress Site - Optimal DevOps setup for deployment?asked 8 months ago
Amazon Lightsail traffic limitsasked 3 years ago
Data traffic priceAccepted Answerasked 3 years ago