Wireless sensor networks (WSNs) are increasingly used due to their broad range of important applications in both military and civilian domains. Security is a major threat in WSNs. WSNs are prone to several types of security attacks. Sensor nodes have limited capacities and are deployed in dangerous locations; therefore, they are vulnerable to different types of attacks, including wormhole, sinkhole, and selective forwarding attacks. Security attacks are classified as data traffic and routing attacks. These security attacks could affect the most significant applications of WSNs, namely, military surveillance, traffic monitoring, and healthcare. Therefore, many approaches were suggested in literature to detect security attacks on the network layer in WSNs. The network layer is of paramount significance to the security of WSNs to prevent exploitation of their confidentiality, privacy, availability, integrity, and authenticity. Reliability, energy efficiency, and scalability are strong constraints on sensor nodes that affect the security of WSNs. Because sensor nodes have limited capabilities in most of these areas, selective forwarding attacks cannot be easily detected in networks. In this dissertation, an approach to selective forwarding detection (SFD) is suggested. The approach has three layers: MAC pool IDs, rule-based processing, and anomaly detection. It maintains the safety of data transmission between a source node and base station while detecting selective forwarding attacks. Furthermore, the approach is reliable, energy efficient, and scalable
