Since the day criminals figured out how to use the Web to steal and profit from both personal and corporate information, investigators have been confounded by an inability to trace criminal activity back to its source.

Thanks to a variety of factors -- the use of networks of proxy servers to avoid leaving digital evidence and a lack of cooperation among international law enforcement -- cybercrooks are often able to throw off the scent of even the most seasoned Internet investigators.

With Quova's announcement Wednesday of its new services for tracking Web traffic, help may be on the way for companies and law enforcement investigating cybercrimes. The company's new Internet Location Intelligence Platform, a combination of data, software, and services, is designed to help organizations identify in real time any devices connecting into their Web sites. The platform includes the latest version of Quova's GeoDirectory Server, which includes a proxy locator component that determines if a Web visitor is accessing an organization's Web site through a proxy server, a technique often used to mask the original IP address of malicious activity.

Through a combination of data, software, and services, Quova has since 2000 helped organizations understand key demographic information about traffic to their Web sites, including the local language spoken and currency used at the point the traffic originated, rules and regulations that apply to that location, and whether the users in that location are licensed to use the organization's products and services. This has helped organizations detect and even prevent fraud, comply with government regulations and licensing agreements, localize advertisements, and better manage digital rights.

But the same technology also helps law enforcement and businesses investigate the origin of malicious attacks and fraud. "If I'm coming in to a Web site through some sort of proxy, it looks like I'm trying to hide rather than coming straight from a DSL connection right by my home," Quova president CEO Marie Alexander told InformationWeek. "We saw with our customer base that they would look at the country of origin of their orders and check to see if it made sense for an order to come from a particular domain." A shipping or billing address that's located on the side of the world from the IP address where the order is originating should set off red flags.

GeoDirectory Server 6.0, set to ship by the end of September, is a Java-based application through which Quova delivers the geographical location and network connection data for each IP address accessing a customer's Web site. Quova developed the latest addition of its software to address situations when simply looking at an IP address's geographic location isn't enough to accurately determine the location of a Web visitor. The GeoDirectory's IP intelligence capability determines additional network characteristics, including the type of connection used to access a Web site (such as DSL or dial-up), the route taken to a site (whether it passed through a corporate proxy server, mobile gateway, or an open proxy), and domain information associated with IP addresses.