Selective forwarding attacks in WSN can damage many mission-critical applications, like military surveillance and forest fire censoring. In such attacks, malicious nodes most of the time functions like regular nodes, but sometimes drop sensitive packets selectively, like a packet recording the dissimilar power' activity, making it more difficult to identify their malicious intent. The current selective forwarding attack detection schemes, randomly select checkpoint nodes, available in-between nodes within a forwarding route, which are responsible for producing acknowledgments for each received packet. In this paper, the complete sets of nodes are differentiated into three different types based on their functionality as Inspector Node (IN), Cluster Head (CH), and Member Nodes (MN). The newly considered node as IN is considered to overhear all of the activities of the Cluster head, as CH is the most compromising node in the complete cluster, and in the case, if the CH is attacked then the complete cluster stops working in the network. The IN is trained based on certain rules and predefined parameters which analyses if the CH or MN is malicious or not and considers the required action. NS2 is considered for the simulation of the proposed methodology and also for the validation of the proposed work. In the proposed methodology, two different stages are considered as detection and correction, which works to tackle the attacks and also considering the system efficiency almost. As in the proposed methodology, the effect of the attack is minimized which increases the QOS and also better data transmission.

WSN中的选择性转发攻击可能会破坏许多关键任务应用程序，例如军事监视和森林火灾审查。在这种攻击中，恶意节点在大多数时候都像常规节点那样起作用，但有时会选择性地丢弃敏感数据包（例如记录不同权力活动的数据包），这使得识别其​​恶意意图更加困难。当前的选择性转发攻击检测方案是在转发路由内的节点之间随机选择检查点节点，这些节点负责为每个接收到的数据包生成确认。在本文中，完整的节点集根据其功能（检查器节点（IN），群集头（CH）和成员节点（MN））分为三种不同的类型。由于CH是整个群集中最易受攻击的节点，因此新考虑的节点IN被认为是监听了簇头的所有活动，并且在这种情况下，如果CH被攻击，则整个群集将停止在网络中工作。基于某些规则和预定义的参数来训练IN，该规则和预定义的参数分析CH或MN是否恶意并考虑所需的操作。考虑使用NS2来模拟拟议的方法并验证拟议的工作。在所提出的方法中，检测和纠正被认为是两个不同的阶段，它们既可以解决攻击问题，也几乎可以考虑系统效率。如在所提出的方法中一样，攻击的影响被最小化，这增加了QOS并改善了数据传输。