Discrete event simulation–based energy efficient path determination scheme for probabilistic voting–based filtering scheme in sensor networks

In wireless sensor networks, sensors are extremely vulnerable to false positive and false negative attacks due to their stringent energy and computational constraints. Several en-route filtering schemes mainly focus on saving energy through early detection of false data within a short distance against these attacks; however, they cannot immediately block the false data injected by compromised nodes. A security scheme uses context-aware architecture for a probabilistic voting–based filtering scheme to detect the compromised nodes and block the injection of false data, unlike security protocols. Although these schemes effectively obstruct the false data forwarding, they cannot make any detour around the compromised node to avoid it during data forwarding. In this article, we propose a discrete event simulation–based energy efficient path determination scheme that takes a detour around the compromised node against the attacks. Our proposed scheme extracts candidate paths considering the network status and selects a path with the highest energy efficiency from among the candidates using discrete event simulation. Simulation results indicate that the proposed scheme provides energy savings of up to 12% while maintaining the security strength against the two attacks compared to the existing schemes.


Introduction
Wireless sensor networks (WSNs) are an economically feasible solution for regular monitoring of events in the environment and habitats, in microclimate surveillance, and in tracking for military applications. [1][2][3][4][5][6] A WSN consists of a large number of sensors and a base station (BS) in a sensor field. 2,7,8 The sensor nodes sense the events, generate the event data, and wirelessly forward the data between the nodes toward the BS. The BS collects the data from the sensor, analyzes it, and provides analyzed results to the users. Because sensors are randomly distributed in an open, collaborative, and large-scale environment and are left unattended for long periods of time, adversaries can easily compromise nodes and waste network resources or block data delivery. 4,8,[9][10][11] When a node is compromised physically or through fabricated messages, adversaries can achieve full control over it by reading its memory and influencing the operation of its software (SW). 12,13 Therefore, sensor nodes are considered vulnerable to being captured or damaged because of their relatively limited batteries, restricted computation, and unattended operation. 6,14 In WSNs, there are several attacks that can happen through compromised nodes. Two types of attacks, false positive attacks (FPAs) 5,6,10,12,[14][15][16][17][18] and false negative attacks (FNAs), [4][5][6]10,12,19 are a major concern. In an FPA, the compromised node can inject false reports to cause unnecessary energy consumption and false alarms for normal nodes. In an FNA, the other compromised node can insert a false message authentication code (MAC) into a legitimate report to lose information.
Even though researchers have proposed several schemes 5,6,10,12,14,19 to detect FPAs and/or FNAs in the sensor network, these schemes counter the attacks through probabilistic verification, in particular through intermediate nodes while forwarding reports. Nam et al., however, proposed a context-aware architecture (CAA) 4 for effectively identifying the compromised nodes against the two attacks. The architecture is integrated with a probabilistic voting-based filtering scheme (PVFS) 5 to overcome the weaknesses of the security protocol. However, in CAA for PVFS (CAA-PVFS), after a compromised node, which is located in the middle of a path, is identified, a secure transmission is not guaranteed when the compromised node receives a legitimate report from the previous node. Thus, it is important to find a new path for an effective detour around the compromised node, unlike several path selection schemes 8,20 that only consider the condition of the next forwarding nodes.
In this article, we propose a scheme that determines energy efficient paths based on a discrete event simulation in our CAA for the sensor network. After identifying compromised nodes as in the previous CAA, 4 our proposed scheme extracts paths, analyzes the paths through the simulation, and selects an effective path from among them. In the proposed scheme, the simulation model of our CAA performs state transitions to identify normal or abnormal behaviors. To decide the behaviors, when the CAA receives context data from the network, it performs state transitions through its own information. To determine which of the paths are suitable for selection, the proposed scheme creates actual normal and attack data and analyzes the performance of the path using the actual data. The scheme determines the path with the highest energy efficiency according to the analysis results of energy consumption and MAC verification using the injected actual data within the models of the CAA. Simulation results illustrate that the proposed scheme provides average energy savings of approximately 10% with the energy efficient path determination, which results in a network lifetime extension.
The main contributions of this article are as follows: Determination of an effective path by simulation, and Improvement in energy efficiency.
The rest of this article is organized as follows: section ''Background and motivation'' presents the background and motivation for the proposed scheme. A detailed description of the proposed scheme follows in section ''Proposed scheme.'' In section ''Simulation results,'' we present a performance evaluation of the proposed scheme using analysis and simulation. Section ''Related work'' discusses security protocols of FPAs and FNAs and path configuration protocols with security related to our proposal. The conclusions are given at the end of the article.

Background and motivation
FPAs and FNAs pose serious security threats to all sensor networks. FPAs cause energy drain through the transmission of false reports, and FNAs cause information loss through the filtering of legitimate reports. In this section, we briefly describe the operation of PVFS and CAA-PVFS to deal with these two attacks. We also discuss the motivation of the proposed scheme. PVFS PVFS 5,6,21 simultaneously detects both FPAs and FNAs through verification records of reports using a voting method, a cluster-based organization, and a probabilistic key assignment. PVFS contains three phases: initialization and key assignment, report generation, and en-route filtering.
In the initialization and key assignment phase, the BS pre-generates a global key pool (n partitions 3 m keys), and randomly distributes keys from the key pool to each node. After the nodes are deployed, they are organized into clusters, each of which consists of a CH and L member nodes (MBs) within one hop. Intermediate CHs are probabilistically selected as verification nodes for report authentication based on their distance from a source CH.
In the report generation phase, when an event occurs, the CH broadcasts the event data to its MBs. After accepting the event data, the MBs generate each MAC and forward it to its CH. The CH collects all the MACs and attaches the randomly selected MACs to the report. It then forwards the report to its next forwarding node toward the BS.
In the en-route filtering phase, while forwarding the report, each verification node verifies the MACs in the report. According to the result of the verification records, the verification node checks that the reports reach a special threshold by the recorded result. When the recorded result at the node reaches the threshold, the verification node immediately filters out the report against the FPA; while the result has not yet reached the threshold, the node continually forwards it against the FNA. When the report arrives at the BS, the BS verifies all the MACs through the keys of the key pool.

CAA-PVFS
CAA-PVFS 4,15 is proposed for effectively identifying compromised nodes using its CAA, which coordinates with the PVFS in a sensor network. The CAA is implemented through simulation models and the algorithm of PVFS. The architecture analyzes the data collected from the sensor network based on its security knowledge base (KB) and identifies the compromised nodes using the analyzed data against FPAs and FNAs. The sensor network excludes the identified compromised nodes to block false data.
CAA-PVFS comprised three architectures: PVFSbased WSN, Communication Architecture (Comm-Arch), 4,15 and a CAA. PVFS works as described in section ''PVFS.'' Comm-Arch consists of a number of data collection nodes (DCNs) to collect sensing data from the nodes of the sensor network and forward it to the CAA. The DCNs are organized into each cluster with a CH and MBs. The CAA of this scheme is implemented through simulation models and the PVFS algorithm to find the compromised nodes of the sensor network.
When a sensor node broadcasts sensing data (e.g. event data, MACs, and reports) as shown in Figure  1(a), a DCN collects the data using a frequency of the sensor. In Figure 1(b), the DCN exploits the other frequency to protect the collision frequency and transmits the sensing data through data encryption and compression to the CAA of the scheme. In Figure 1(c), the CAA detects intrusions using data collected from the sensor network based on its security knowledge (e.g. knowledge of normal behavior within the network and knowledge of the attacks). In the CAA, the number of atomic models (ACH, AMB, and CAA_CNTR) equals the number of sensor nodes (CH, MB, and BS). The atomic models are as follows: ACH (context-aware-based CH): This model corresponds to a CH of the sensor network. As this model receives a report collected through the Comm-Arch, it analyzes the report based on its KB. If the model's behavior is abnormal, it detects the false report against an FPA and provides its controller model for a detection result. AMB (context-aware-based MB): This model corresponds to an MB. The model analyzes a MAC based on its KB. If its behavior is abnormal, the model detects the fabricated MAC against an FNA and notifies its controller of the result. CAA_CNTR (CAA controller): This model corresponds to the BS. When the model receives the detection result of the compromised node's location information from the ACH and AMB, it synthetically analyzes the result and authentically identifies the compromised node. The model then sends a final decision to a BS. The CAA transmits the context-aware decision including the compromised node's location to the BS and excludes the compromised node to block false data injection. Therefore, CAA-PVFS integrates the CAA and PVFS to effectively identify a compromised node and improves security strength and energy efficiency.

Discrete event system
The discrete event system (DEVS) specification formalism developed by Zeigler specifies a model in a hierarchical and modular form for DEVS modeling based on set theory. [22][23][24][25][26] In addition, DEVS provides the framework for information modeling which has the advantage of model reusability, verifiability, expandability, and availability to analyze and design complex systems. 22 DEVS has two kinds of models to represent the systems: atomic models and coupled models. In the two models, the input and output event sets are associated with the input and output ports. The atomic model executes an input event on its basis state; it generates an output event and transfers its state. The model has states, which are related to the behavior to be executed during a specific time. The atomic model is defined by the following structure where X is an external input set, S is a sequential state set, Y is an external output set, d int is an internal transition function, d ext is an external transition function, l is an output function, and t a is a time advance function. The coupled model is constructed by coupling other models and has the hierarchical model structure to build a complex model. In addition, the coupled model can itself be used as a component in a larger coupled model. As this model receives input or output events, it is converted into input or output events of the other models through the coupling. A coupled model is defined by the following structure where D is a set of component names, M i is a component of the basic model, I i is a set of influences of I, Z i, j is an output translation, and select is a tie-breaking function.

Motivation
In WSNs, sensor nodes are vulnerable to FPAs and FNAs due to stringent energy and computational constraints. These attacks cause unnecessary energy consumption and normal data removal at intermediate nodes. The FPA in particular causes energy drain at multiple intermediate nodes and rapidly shortens the network life. To detect these attacks, PVFS uses an en-route filtering technique through a voting method; CAA-PVFS identifies the compromised nodes using the context-awareness collected from the sensor network. Although compromised nodes are identified, the compromised nodes try to inject other attacks such as data capture and manipulation as they receive reports. Thus, it is important that intermediate nodes transmit the report while bypassing the compromised node along an efficient route. We propose the determination of a new path considering the network situation by means of the DEVS simulation after our CAA detects a compromised node. To select a new path effectively, our proposed scheme extracts candidate paths and chooses a path from among them using the analysis result of the DEVS simulation. Therefore, the proposed scheme securely transmits reports using the detour around the compromised node along the selected path.

Proposed scheme
In this section, the proposed scheme is discussed in detail. The proposed scheme extracts candidate paths after our CAA identifies compromised nodes and selects an effective path from among them. The system model and assumptions are outlined in section ''System model and assumptions,'' an overview is presented in section ''Overview,'' the detailed procedure is presented in section ''Detailed procedure,'' and an example of the proposed scheme is given in section ''Example.''

System model and assumptions
A sensor network comprised a BS and sensor nodes, which are powerful nodes (e.g. high-end sensors 17 ) 27,28 to serve as CHs and normal nodes (e.g. low-end sensors) 17,27,28 to serve as MBs. The BS is a reliable and powerful sensor with high hardware (HW) performance (e.g. processing speed and great storage capabilities). Each CH organizes its cluster with the MBs using the cluster-based model 5,8,10,18 after deployment. The CH's sensing range is much larger than its transmission range, and it uses a larger transmission range than does an MB. 5,6 The CH discovers a multi-hop path to the BS. To forward data, all nodes transmit the data along the path toward the BS.
The CH has more powerful resources (e.g. memory size, battery power, computation ability, transmission range) than an MB. 4,8,17 We assume that the sensor nodes do not move after initial deployment in the sensor field. In addition, a compromised node probabilistically injects bogus data into the network. Since our work focuses on FPAs and FNAs, other attacks launched by compromised nodes in the sensor network, such as selective forwarding, sinkhole, and wormhole, are beyond the scope of this article.
In a Comm-Arch, 4,15 DCNs gather all the data of the sensor network and transmit it to the proposed CAA. A DCN exploits two types of frequencies for collecting and forwarding the data and uses HW models instead of SW models to protect it from various types of intrusions. In addition, this node applies an advanced encryption standard (AES) HW module [29][30][31] for data confidentiality and integrity, and a Huffman coding HW model [32][33][34][35] for data compression. The transmission range of each DCN is the same as that of a CH. Thus, the DCNs are designed using HW modules with SW, and they are inexpensive because their modules are simple. 4

Overview
Our proposed scheme determines an energy efficient path through a DEVS simulation to bypass identified compromised nodes in our CAA. In the proposed scheme, the CAA is implemented using the same hierarchical structure of the DEVS models as proposed in Nam and Cho 4 ; it redesigns the atomic DEVS models' behaviors for our proposal. An ACH, an AMB, and a CAA_CNTR correspond to the atomic DEVS models of a CH, an MB, and a BS, respectively. These atomic models of the proposed CAA are as follows: ACH: This model detects false reports injected by compromised CHs based on its security KB against FPAs and identifies the node's location. After identifying the compromised node, the model analyzes and forwards normal and attack simulation data along the extracted candidate paths. The model then provides analysis results in the CAA_CNTR. AMB: This model detects false MACs through its KB against FNAs and finds compromised MBs. CAA_CNTR: This model comprehensively evaluates the analytical results of the ACH and AMB and accurately identifies the compromised node. The model then extracts candidate paths, selects an effective path from among them, and notifies the BS of the path. Figure 2 shows an overview of our proposed scheme. The PVFS-based WSN works as described in section ''PVFS.'' As sensor nodes forward sensing data, the sensing result of the data is transmitted via a Comm-Arch to the CAA. In the CAA, ACH and AMB models are implemented using the DEVS formalism. An ACH model detects a compromised node based on its KB using the collected data of the sensor, and CAA_CNTR extracts candidate paths for a detour around the compromised node based on a minimum cost forwarding path algorithm. The ACH injects actual normal and attack data into the path and analyzes the paths through the simulation. The CAA_CNTR selects the most effective path with respect to energy efficiency and notifies the BS of the selected path. The BS compares the selected path and the existing path and changes the specific path. Therefore, the proposed scheme determines the energy efficient path using the DEVS simulation to bypass the identified compromised node.

Detailed procedure
Our proposed scheme adds the following phases based on the phases (initialization and key assignment, report Extraction and analysis of paths: In the CAA, the CAA_CNTR extracts candidate paths after finding a compromised node and analyzes paths using simulation. Selection and configuration of a path: The CAA_CNTR selects the most effective path with respect to energy efficiency using analyzed results. This model notifies the BS of the selected path, and the BS forwards the path configuration message to specific sensor nodes.
Extraction and analysis of paths. The proposed scheme extracts three types of candidate paths based on the shortest path algorithm to make a detour around the compromised node after identifying the node.
Algorithms 1 and 2 demonstrate the extraction process of candidate paths. Here, ACH comp is a model of the identified compromised node ID, ACH prev is a previous model of ACH comp , path i is the candidate paths, type i is a type for extracting k-shortest paths, M src is a source model, M neigs represents the neighboring models of a model, and M next is a next forwarding model. When identifying a compromised node, the proposed CAA extracts two candidate paths according to the sensor network state and gets an existing path as shown in Algorithm 1. The shortest and the second shortest paths are extracted according to their type based on Dijkstra's shortest path algorithm 17,36 in Algorithm 2.
ACH prev finds one of its neighbors without the identified compromised model, and M next chooses a next forwarding model according to the type. If M next is the CAA_CNTR, path is returned as a candidate. Figure 3 shows the performance measurements of the extracted candidate paths based on the DEVS simulation. A source ACH uniformly injects reports including MACs with normal and attack data into two candidate paths and the existing path. The intermediate models of each path receive two types of normal and attack data. Each intermediate model calculates and records the energy consumed for transmission, reception, and verification while forwarding the injected reports toward the CAA_CNTR. After receiving all the reports, the CAA_CNTR selects an effective path based on the amount of energy consumed.
Selection and configuration of a path. In order to determine an energy efficient path, the proposed scheme measures the performances of candidate paths through simulation. In the DEVS simulation, it is possible to execute the behavior of models using defined rules with elapsed time according to procedures similar to those of a target system. The proposed scheme obtains comprehensive and accurate performances with actual normal and attack data using an iterative simulation such as a real system. After finishing the simulation, the proposed  scheme selects the most effective path from among the candidates using the whole sensor network status.
Algorithm 3 demonstrates the selection of one new path using the performance measurement of the candidates after the CAA_CNTR completely receives two types of data. The CAA_CNTR model obtains the total average consumed energy from records in the data and selects a path for the highest energy efficiency from among the candidate paths. The controller model notifies the BS of the new path, compares the new path and the existing path, and forwards path configuration messages to specific nodes, which should then modify their paths. Figure 4 shows the path determination procedure in the CAA after identifying a compromised node in model ACH 5 . The CAA sets up an initial path between the models and the verification model as verification nodes such as in the sensor network. We assume that the existing paths of ACH 5 are ACH 6 , ACH 9 , ACH 10 , and ACH 11 and its verification models are ACH 6 , ACH 9 , and ACH 10 . In addition, ACH 6 blocks the injection of data by ACH 5 since ACH 5 is identified as a compromised node. As shown in Figure 4, ACH 2 , which is ACH 5 's previous model, extracts three types of candidate paths to bypass the compromised node. To extract the shortest path, ACH 2 selects ACH 4 and excludes ACH 5 . ACH 4 chooses ACH 8 , which is shorter than ACH 6 , from the CAA_CNTR. ACH 10 and ACH 11 are then selected in order. The first candidate path is from ACH 2 to ACH 11 . To extract the second shortest path, ACH 2 chooses ACH 3 and excludes ACH 4 and ACH 5 ; its intermediate models select ACH 3 , ACH 7 , ACH 9 , ACH 10 , and ACH 11 . The third path is the existing path in the initialization phase of PVFS. After completing the extraction of paths, ACH 2 uniformly generates MACs using the keys of its partition and produces reports using the MACs for normal and attack data. The source ACH model attaches the path analysis data (e.g. energy consumption amount, the number of MAC verifications, and the number of verification results) in each report to record the performances of the candidates.   Candidate path 1 (the shortest path): The source model, ACH 2 , forwards normal and attack reports to ACH 4 in a regular sequence. ACH 4 writes the amount of energy consumption for transmission and reception in the data analysis as it receives the report. When ACH 10 receives the report, this model records the calculated result of the path analysis data if it verifies a MAC. As the four types of reports arrive at the CAA_CNTR, the controller model calculates and saves the sum of the results of the analysis data. The model waits for all the reports to arrive, after which they are forwarded along the other paths.

Example
Candidate path 2 (the second shortest path): ACH 2 forwards the generated reports to ACH 3 . Reports are transmitted via the ACH 3 , ACH 7 , ACH 9 , ACH 10 , and ACH 11 models. Their models calculate and record the results of the path analysis data. After the CAA_CNTR receives four types of the reports, it saves the sum of the results and waits for the next state transition.
Candidate path 3 (the existing path): ACH 2 forwards four reports to ACH 3 in a regular sequence. The reports are sent via ACH 7 , ACH 6 , ACH 10 , and ACH 11 for calculating the analysis data. The CAA_CNTR computes the sum of the results after receiving the report.
If the calculation results of the candidate paths are 15,060, 16,500, and 23,640 mJ, the CAA_CNTR selects candidate path 1 from among the candidates using Algorithm 3 in section ''Selection and configuration of a path'' with the results of the simulation analysis. The CAA_CNTR forwards the selected path. Such a choice is the best among all results, but it is rare that this path is chosen.

Simulation results
In this section, we analyze the consumed energy of the candidate paths and evaluate the performance of our proposed scheme.

Paths analysis
To determine an effective path, the proposed scheme extracts candidate paths in the CAA, analyzes the performances of the paths, and selects a path through path analysis. In the proposed scheme, as models are operated through the simulation, it is important to execute them as if they were a target system WSN. We use the simulation methodology instead of using simple calculations, then create actual data such as real reports, and finally inject data into the path. In the CAA_CNTR model, the sum of the energy consumption of a path is calculated as follows In equation (3), R size is the size of a report, E t is the energy consumed to transmit, E r is the energy consumed to receive, HC is the distance from the source to the controller model, E v is the energy consumed to verify a report, and VM c is the count of verified MACs.
For example, as shown in Figure 4, we assume that the hop counts of candidate paths 1, 2, and 3 are 4, 5, and 6, respectively, and that the VM c in the paths is 1, 2, and 3, respectively. As intermediate models forward reports along the paths, the energy consumption of the three paths is 3765, 4875, and 5910 mJ, respectively. After completing the four types of actual data forwarding, their energy consumption amounts to, respectively, 15,060, 16,500, and 23,640 mJ and those values are recorded. Our proposed scheme selects candidate path 1 because it has the lowest energy consumption and notifies the BS of the path. Actually, the proposed scheme leads to energy savings of up to 12% instead of causing a large amount of energy consumption as described in section ''Simulation results.'' The proposed scheme focuses on energy savings to effectively forward more reports rather than creating a high verification count after the compromised node is identified.

Simulation results
We performed simulation experiments to evaluate the proposed scheme and compared it to PVFS and CAA-PVFS. In the initialization phase, a sensor field consists of 100 CHs and 900 MBs for a WSN and 100 DCNs for the Comm-Arch. All nodes are evenly distributed in each cluster, which contains one CH, nine MBs, and one DCN. Their transmission ranges are 150, 60, and 150 m, respectively. They are implemented using atomic DEVS models and are coupled for the sensor network and Comm-Arch. When they receive input data, they execute their state transitions as in real sensor nodes. The BS is located in the lower middle section of the sensor field.
The size of each report is 36 bytes, and the key size is 8 bytes. In Ye et al., 14 each node uses 16.25 mJ per byte to transmit, 12.5 mJ per byte to receive, and 15 mJ per byte to generate. To verify a MAC at the verification nodes, each node consumes 75 mJ. In Nam and Cho, 4 each DCN consumes 19 mJ and 0.006 mJ per byte are consumed to compress and encrypt. We randomly selected 10 specific clusters from the 100 clusters to generate five FPAs and five FNAs. Compromised nodes are located within 5-10 hops, and they generate attacks according to the false traffic ratio (FTR). To verify MACs of the FPAs and the FNAs, a report threshold is set to 2 or 3. In the simulation experiments, we randomly generated 500 events. There was no packet loss in the experiment. Figure 5 shows the attack success count of the FPAs and FNAs versus the FTR for PVFS, CAA-PVFS, and the proposed scheme. In cases (a) and (b), the proposed scheme and CAA-PVFS are almost similar to the attack success count since they identify compromised nodes to block false data as compared to PVFS. In addition, the two schemes are consistent with the number of detected FPAs and FNAs, even though the FTR increases, unlike PVFS that probabilistically detects attacks. Figure 6 shows the energy consumption versus distance with respect to threshold values 2 and 3 to present the performances of the three schemes with FTR values of 0%, 10%, 30%, 50%, 70%, and 90%. In cases (a) and (b), nearly the same amount of energy is consumed between 9 and 11 due to the forwarding of a legitimate report. PVFS has a delicate difference using probabilistic en-route filtering within small distances. In cases (c) and (d), the difference in energy consumption between one and eight hops is as a result of the identification of compromised nodes. On the other hand, the proposed scheme shows an energy savings of roughly 8% which results from configuring an effective path on the same hop as compared to CAA-PVFS. Thus, the proposed scheme saves more energy with a shorter distance traveled than the other schemes. Figure 7 shows the total energy consumption of the sensor network versus the FTR for three schemes. Overall, in cases (a) and (b), the proposed scheme generally improves energy efficiency due to the establishment of an effective routing path as compared to the other schemes. For a threshold of two (Figure 7(a)), the proposed scheme improves by 13% and 11% for an FTR of 10% and by 32% and 39% for an FTR of 90% as compared to PVFS and CAA-PVFS, respectively. For a threshold of three, the proposed scheme improves by 7% and 5% for an FTR of 10% and by 9% and 39% for an FTR of 90% as compared to the aforementioned schemes. Therefore, the proposed scheme improves the energy effectiveness by an average of 9% as compared to CAA-PVFS and results in an extension in the network lifetime.

Related work
Recently, WSNs have exploited computational intelligence (CI) techniques to deal with various issues such as security, data aggregation, data routing, and deployment and location optimization. 6 Some techniques require excessive computation, high energy, and lots of storage to execute complex algorithms. In WSNs, it is still important to solve such issues using limited resources. In this section, we discuss several existing filtering schemes and path configuration schemes for increased resource efficiency and CI.

Attack detection schemes
In WSNs, several en-route filtering schemes 10,14,16,37 focus on the detection of only FPAs. As a result, Li et al. 5 proposed PVFS to simultaneously detect both FPAs and FNAs by introducing a voting method. According to this method, intermediate nodes either immediately drop or continually forward reports through a predefined threshold until the verification process is complete. PVFS achieves strong protection against the two attacks while maintaining a sufficiently high filtering power. Nghiem and Cho 12 suggested a fuzzy-based interleaved multi-hop authentication (FIMA) scheme based on an interleaved hop-by-hop authentication (IHA) scheme. 16 In FIMA, the fuzzy logic system is executed in the BS based on three input parameters, which are the remaining energy of the intermediate nodes, the distance from the source cluster to the BS, and the cumulative number of false MACs in reports generated by that source cluster. The fuzzy system selects verification nodes for the best energy savings and network security. FIMA effectively detects the two attacks and improves the energy efficiency by 13% as compared to IHA. Lee   countermeasures. Akram et al. 6 suggested fuzzy-based adaptive selection of intermediate verification nodes to achieve higher energy savings compared to PVFS. All of the source nodes choose effective verification nodes using a fuzzy rule-based decision-making engine, unlike probabilistic selection in PVFS. The scheme enhances energy conservation and guarantees sufficient protection against FPAs and FNAs. Unlike the en-route filtering schemes in Nam and Cho, 4 a CAA is integrated with PVFS to greatly complement the weaknesses of the security protocol, unlike conventional techniques. CAA-PVFS identifies the compromised nodes using its context-awareness implemented by simulation models against the FPAs and the FNAs. The scheme reduces the number of attack successes by excluding the compromised nodes in the sensor network and improves energy efficiency by reducing the attack data. The en-route filtering schemes focus on early detection of false data and improving energy efficiency within a short distance against FPAs and FNAs. CAA-PVFS identifies compromised nodes to immediately obstruct false data injected by the nodes. Our proposed scheme determines an energy efficient path using new CAA to avoid the compromised node based on discrete event simulation.

Path configuration schemes
Several path configuration schemes have been suggested that use various techniques to hedge against attacks of the network. Savvides et al. proposed a technique called AHLos (ad hoc localization system) 38 to discover the locations of sensors using a set of distributed iterative algorithms. In the technique, each node dynamically discovers its own location and sets effective paths. The node estimates its distance from its neighbors using a range of techniques and uses range and location information to estimate their positions. Kim et al. 20 proposed a path renewal method (PRM) to enable balanced energy consumption, which extends the network lifetime. In PRM, as the remaining energy of the next node decreases below a threshold value, the source node chooses a new next forwarding node based on an evaluation function. PRM enhances the filtering capability and the network lifetime as compared to statistical en-route filtering (SEF) 14 scheme. Shahzad et al. proposed pre-deterministic key-distribution-based commutative cipher en-route filtering (CCEF), 9 which extends the network life with the selection of a next forwarding node. In the scheme, to select the next forwarding node, the distance, the remaining energy, and key information are considered among the neighbors. The scheme improves energy efficiency and extends the network lifetime as compared to CCEF. Nam et al. proposed a fuzzy rule-based path configuration method 8 to select the next forwarding node based on a fuzzy logic system to hedge against sinkhole attacks. 8,39-41 A source considers multiple characteristics of the next forwarding node based on the fuzzy rule-based system to determine a suitable selection. This method achieves improved energy efficiency, distributed traffic, and secure transmission.
Most schemes establish a path using the information of only the next forwarding node in a source node. Our proposed scheme, on the other hand, analyzes candidate paths through the simulation and selects a path using the analysis results.

Conclusion and future work
In WSNs, sensors are exposed to FPAs and FNAs by compromised nodes due to their stringent energy and computational limitations. Several path configuration schemes suggest various methodologies with consideration for the next nodes to create a detour around the compromised node. Our proposed scheme extracts candidate paths in its CAA, analyzes paths through a discrete event simulation, and determines an energy efficient path from among the candidates. Thus, our scheme results in an extension of the network lifetime through the selection of an effective path. The proposed scheme was able to achieve the following contributions: Determination of an effective path by simulation: The proposed scheme extracts candidate paths considering the status of the sensor nodes after identifying a compromised node in the CAA. This scheme analyzes paths through simulation using actual data of the sensor network and selects an effective path among them. The CAA provides the BS with the selected path. Improvement in energy efficiency: The proposed scheme determines the effective path through path analysis using simulation. In the sensor network, specific nodes make a detour around the compromised node using the determined path. The proposed scheme results in an extension of the network lifetime using a reduced number of data transmissions between the sensor nodes.
For future work, we will improve the CAA technique for detecting various attacks in WSNs and apply suggested security protocols in the KB of the CAA to further enhance the energy efficiency and network security.

Declaration of conflicting interests
The author(s) declared no potential conflicts of interest with respect to the research, authorship, and/or publication of this article.