Abstract: Network address translation detection is the key in Internet administration and security field. Based on the observation that packets from different source devices have different characteristics, a passive remote network address translation detection system (NDS) is designed. IP identification and TCP timestamp time series are established by suitable processing of the headers of trace data. The tested results in real environment on aggregated local trace data shows that NDS could effectively detect network address translation remotely and has relative high detection rate.