Fuzzy computation on ensemble deep network for the performance of vampire attack detection model in WSN

Open Access
29-11-2025
Research

Published in:

Authors: M. Sudha; Rajesh Arunachalam; A. Karthikayen; V. Sumanth
Published in: Journal on Wireless Communications and Networking | Issue 1/2026

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Patentsearch

Off

Abstract

In this article, the authors investigate the use of fuzzy computation on ensemble deep networks to enhance the performance of vampire attack detection models in Wireless Sensor Networks (WSN). The study focuses on four key areas: the challenges of vampire attacks in WSN, the application of fuzzy logic in deep learning, the design of an ensemble deep network for attack detection, and the evaluation of the model's performance. The authors present a novel approach that combines fuzzy computation with deep learning techniques to improve the accuracy and efficiency of detecting vampire attacks. Through extensive experiments and comparisons with existing methods, the proposed model demonstrates significant improvements in detection rates and false positives. The article concludes with a discussion on the practical implications of the findings and potential future research directions in this field.

AI Generated

This summary of the content was generated with the help of AI.

Notes
Abbreviations

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

ANN

Artificial neural networks

ATTN

Attention mechanism

Bayesian networks

BiGRU

Bidirectional gated recurrent unit

DoS

Denial of service

Decision trees

EBWO

Enhanced black widow optimization

EDN

Ensemble deep networks

EOO

Eurasian oystercatcher optimization

E-PFOA

Enhanced piranha foraging optimization algorithm

FDR

False discovery rate

FPR

False positive rate

FRS

Fuzzy rough set

FRS-PV-MT

FRS probabilistic variable precision-based mitigation technique

Genetic algorithm

GRU

Gated recurrent units

HHOA

Horse herd optimization algorithm

IoT

Internet of things

KNN

K-nearest neighbor

Logistic regression

LSO

Light spectrum optimizer

LSTM

Long short-term memory

MCC

Matthews correlation coefficient

Naive Bayes

NPV

Negative predictive value

PG-DRL

Policy gradient-deep reinforcement learning

PLGP

Parno, Luk, Gaustad, and Perrig (protocol)

PFOA

Piranha foraging optimization algorithm

PRR

Packet received ratio

PSO

Particle swarm optimization

RC-DD

Recurrent crossover-based dynamic differential

Random forests

RNN

Recurrent neural network

ROC

Receiver operating characteristic

SASR

Secure atom search routing

SVM

Support vector machine

TCN

Temporal convolutional networks

WOA

Whale optimization algorithm

WSN

Wireless sensor network

1 Introduction

WSN is constructed with a huge number of sensor nodes [1]. The information has been forwarded using sensor nodes to the outer base station node or inside nodes. The usage of sensor nodes makes the network sense over physical areas [2]. The degree of accuracy of these sensing capabilities is high. The sensed data are communicated by the sensor nodes with each other, and high-quality, useful information has been formed related to the surrounding environment by these sensors. The decision has been made by each sensor node based on its currently gathered information, goal, and proficiency of its transmission, computation, and energy assets [3]. Currently, WSNs are utilized in the Internet of Things (IoT), smart cities, agriculture, and sensitive zones [4]. More attack detection approaches are concentrated on designing a novel technique for DoS attacks [5]. The battery power is drained gradually by these attacks, and so proper attack detection strategies are needed in WSN. These attacks disrupt the communication during data communication. In addition, the vampire nodes lengthen the route from source to destination, which increases the energy consumption [6]. Serious problems are created due to this vampire attack in the WSN, and it is difficult to detect. The vampire attacks are not specific to a particular routing protocol, which makes the detection process complicated [7].

The stateful and stateless protocols are the two classifications of routing protocols and are classified based on vampire attacks. The source node itself specifies the entire routing path to the destination in the stateless protocol [8]. The independent or self-decision is made by each node in the stateful protocol, which determines the optimal routing path for data transmission [9]. Stretch and carousal attacks are the two types of attacks that can occur in a stateless protocol [10]. The carousal attacks do not allow the data to reach the destination, and they cause battery drainage. In the stateless protocol, the stretch attacks cause the data packet to take a longer route to reach the receiver, resulting in increased energy consumption [11]. The main intention of adversaries is not to tamper with or forge the data packets, but it drains the energy levels completely in terms of forwarding useless packets [12]. The cryptographic approaches are more efficient for providing higher network security during data transmission [13].

Various researches have been conducted for detecting and mitigating the vampire attacks. Trust values are calculated for detecting these vampire attacks in each node, and the node is classified into benign or malicious nodes with respect to certain threshold values [14]. Based on the diverse network scenarios, this threshold value varies and is fixed based on network knowledge. The energy depletion at each sensor node due to these vampire attacks is faster than other attacks [15]. Moreover, it is the type of DoS attack that hampers the overall communication and performance of the network [16]. Diverse machine learning approaches such as Naive Bayes (NB), random forest (RF), support vector machine (SVM), artificial neural network (ANN), logistic regression (LR), K-nearest neighbor (KNN), decision tree (DT), and Bayesian network (BN) are used for the classification of vampire attacks in WSN. Applying SVM in WSN ideally separates the vampire nodes and enhances the network performance [17]. During the isolation process of vampire nodes, the characteristics of sensor nodes, such as node broadcast count, node energy, and node packet received ratio (PRR), are considered. The DT algorithm for the classification of vampire attacks provides accurate classification results with less complexity, but the robustness of the system is low. In order to improve the vampire attack detection performance, an effective deep learning technique is suggested in this approach.

1.1 Contributions

The major contributions of the developed fuzzy computation-based vampire attack detection model in WSN are given as follows.

To implement a vampire attack detection mechanism in WSN for separating the vampire node from the sensor network using a fuzzy ranking-based ensemble learning model that saves energy and increases the network lifetime.
To design an E-PFOA strategy for the optimal selection of data from the nodes that maximizes the relief score between the optimal features to improve the overall vampire attack detection performance.
To develop an EDN with the support of RNN, LSTM, GRU, and TCN for the detection of vampire activities in the sensor network, that detection process is helpful for providing higher security in WSN. The learning ability of the ensemble network is better when compared to individual learning, and the final detection score is attained by using the fuzzy ranking approach to give an appropriate vampire attack detection outcome.
To validate the performance of proposed vampire attack detection technique against various conventional models by conducting several experiments with respect to multiple validation metrics.

1.2.1 Existing Attack Detection Models

In 2017, Kumar [18] have developed an intelligent vampire attack detection approach, Parno, Luk, Gaustad, and Perrig (PLGP), to provide security in WSN. Previous attack detection mechanisms were only focused on the detection of DoS, and this work has been especially designed for detecting vampire attacks. The vampire attacks affected the performance of the system during the transmission of information in WSN. The resource depletion attacks in the routing protocol layer quickly debilitated the battery power of the nodes, and hence, the networks were disabled permanently. Therefore, the detection of attacks was important before routing in WSN.

In 2022, Juneja et al.[19] have suggested a twofold method for detecting vampire attacks. Here, two mechanisms as the cooperation trust mechanism and attack migration were integrated by policy gradient-deep reinforcement learning (PG-DRL). Secure hop was selected by the proposed PG-DRL approach, while vampire attacks were presented. The detection ratio of the proposed technique was higher than the existing schemes, and the lifetime of the network has also been enhanced by this approach.

In 2022, Alkwai et al.[20] have proposed a probabilistic fuzzy-based routing protocol with an authentication strategy for detecting the vampire attacks, where data optimization was performed using a hybrid clustering approach. The growing types of vampire assaults were detected through fuzzy-based chain rule with the help of probability formulas. The network security at the time of routing has been performed using the authentication routing protocol. The experimental outcome has proved that the proposed mechanism attained better effectiveness according to throughput, control overhead, energy consumption, and latency.

In 2014, Anoopa and Sudha [21] have offered an intelligent vampire attack detection and control scheme in WSN. The resource depletion attacks were explored at the routing protocol layer, which permanently disabled the networks in the application layer. From the empirical analysis, the developed vampire attack detection and control method saved the ad-hoc wireless nodes from power drainage, and secure packet forwarding has been carried out in WSN.

In 2020, Sajan and Jasper [22] have proposed a secure atom search routing (SASR) strategy for the prevention of vampire attacks which provided higher security during data transmission. The global optimization problems were solved, and the balance between exploitation and exploration was improved by this SASR methodology. The effectiveness of the SASR method has been validated with the previous algorithms based on measures like network lifetime, trust, energy, delay, throughput, trust detection rate, packet delivery ratio, and communication cost. The lifetime of the network has also been improved by this suggested approach.

In 2017, Rathish and Rajaram [23] have developed a clustering-based attack detection mechanism during message forwarding in the network, where the attack was mitigated by discarding the attacked file before it passed into the destination node. In the first aspect, the cluster was organized, and then cluster member grouping was performed. Finally, the cluster head was selected for the detection of vampire attacks in the network. The malicious nodes were determined based on notification messages, and the detected attacks were mitigated through a filtering mechanism. The proposed model improved the detection rate, increased the packet transmission, and reduced overhead, packet loss rate, and energy consumption than the prior models.

In 2011, Vasserman et al.[24] have explored resource depletion attacks that permanently disabled networks at the layer of the routing protocol. There is no specific relationship between the vampire attacks to the protocols, but they relied on the properties related to classes of routing protocols. The detection has been carried out by sending messages to the network. The mitigation strategies have also been explained to ensure secure data forwarding in WSN.

In 2015, Mulla et al.[25] have developed a vampire attack detection and control strategy in wireless networks. The secure packet forwarding mechanism has been implemented, which keeps the network from harm and danger due to these vampires at the packet forwarding level.

In 2021, Lansky et al. [38] have designed a novel research work to verify the efficiency of the deep learning-based intrusion detection models. In most of the research work, intrusion detection procedures were employed to identify the intrusions effectively.

In 2014, Kim et al. [39] have implemented a hybridized intrusion detection mechanism using a decision tree and SVM. The developed hybridized technique was good in reducing the time complexity issues at the training phase and accomplished better outcomes.

In 2021, Srikaanth and Nagarajan [40] have proposed an efficient vampire attack detection technique through fuzzy rough set (FRS) with routing procedures. The FRS was better at quantifying the characteristics of mobile node characters and detected the vampire attacks. FRS-derived probabilistic variable precision-based mitigation technique (FRS-PV-MT) was employed to overcome the problems while detecting the attacks by minimizing the latency.

In 2016, Mirjalili and Lewis [43] have designed an efficient optimization technique named whale optimization algorithm (WOA), which was good in tackling the optimization-related issues and offered comparatively higher performance efficiency than other schemes.

1.2.2 Ensemble Techniques used for Attack Detection

In 2023, Alotaibi and Ilyas [45] have designed an efficient intrusion detection model to enhance the security of the network. Here, ensemble machine learning techniques such as LR, RF, KNN, and DT were suggested. Moreover, a stacking procedure was suggested to perform the final validation process.

In 2023, Hossain and Islam [46] have proposed an intrusion detection model by considering ensemble machine learning techniques. Ensemble techniques utilized for the validation were AdaBoost, gradient boosting, RF, and stacking. Here, correlation analysis was suggested for acquiring the significant features to detect the intrusions in the network.

In 2023, Ismail et al. [47] have recommended a lightweight ensemble machine learning technique for detecting intrusions in WSN. Ensemble machine learning procedures utilized for the validation were stacking, bagging, and boosting. In the validation, the developed technique effectively reduced the false alarm rate and detected the respective attack in minimal time.

In 2019, Vinayakumar et al. [50] have suggested a deep neural network (DNN) to identify the efficiency of the developed scheme in detecting various attacks. The developed scheme was good in detecting various attacks and verified their performance over dynamic conditions.

1.2.3 Recent Attack Detection Techniques

In 2025, Karakaya [44] have proposed a hybridized technique by integrating fuzzy logic and ensemble learning models for improving the overall security of the network. Here, multiple classifiers were suggested to enhance the detection efficiency and also network flexibility was improved through fuzzy logic.

In 2025, Sivakumar et al. [48] have recommended the recurrent crossover-based dynamic differential (RC-DD) for detecting various attacks in WSN. Here, the localization was carried out using KNN among the sensor nodes. Then, multiple attacks presented in the WSN were identified using an RNN by reducing the localization errors.

In 2025, Sharma et al. [49] have designed a hybridized technique by fusing bidirectional gated recurrent unit (BiGRU) and attention mechanism (ATTN), which helped to identify the intrusions in WSN. Next, the parameters in BiGRU-ATTN were tuned using enhanced black widow optimization (EBWO) and achieved a superior outcome than others.

1.3 Problem Statement

During a vampire attack, the transfer of information takes additional power from the framework node. While utilizing additional energy, nodes may discharge and separate from the system. Vampire attacks are not protocol-specific. Several experiments were performed in WSN by the researchers to detect the vampire attack. The advantages and disadvantages of the existing vampire attack detection models are given in Table 1. The research gap of the traditional technique is discussed below.

Several traditional techniques do not utilize feature selection, which reduces the network training and increases the complexity of the framework. It also creates overfitting. These issues can be tackled by employing feature selection.
Existing approaches employ a single deep learning approach that creates data integrity issues and also requires more resources and data for processing. It can be resolved by utilizing an ensemble network. It enhances the detection accuracy and minimizes variance in the network.
Various existing models face certain challenges in offering accurate results using inputs like incorrect data and cluttered data, and they are also difficult to develop. Therefore, fuzzy models can be employed to resolve these issues.
In certain cases, feature selection lacks the potential of the necessary data, which leads to the misuse of significant information. Thus, the feature selection can be performed by utilizing an optimization approach.

Table 1

Features and challenges of existing vampire attack detection models in WSN

Author [citation]	Techniques	Features	Challenges
Kumar [18]	PLGP	It is capable of offering additional fair routing path diversity and load distribution	This technique has few countermeasures to detect vampire attacks
Kumar [18]	PLGP	This approach prevents the attack during the discovery stage of PLGP
Juneja et al.[19]	DRL	This approach has the ability to process huge data	This method shows low convergence speed
Juneja et al.[19]	DRL	This offers improved robustness	This method creates overhead problems
Alkwai et al.[20]	Fuzzy chain	This technique neutralizes the vampire attack	This technique is highly complex
Alkwai et al.[20]	Fuzzy chain	This method effectively detects the vampire attack in the network	This method is time-consuming and expensive
Anoopa and Sudha [21]	PLGPa	This method reduces the data loss in the network	This method relies on various cryptographic approaches
Anoopa and Sudha [21]	PLGPa	This technique offers increased privacy to the network	This technique requires high computational expenses
Sajan and Jasper [22]	SASR algorithm	This technique offers increased privacy during data transmission	This technique is important to data redundancy
Rathish and Rajaram [23]	Clustering	This technique enhances the collaboration between the nodes and neglects the spiteful nodes	This approach minimizes the resilience of the network
Rathish and Rajaram [23]	Clustering	This approach shows high robustness	This method utilizes a large amount of network resources
Vasserman et al.[24]	PLGP	This approach improves secure packet transmission in the framework	This technique is open to various DoS attacks
Vasserman et al.[24]	PLGP	This technique offers effective performance in attack detection	This technique is open to various DoS attacks
Mulla et al.[25]	M-DSDV	This method avoids the routing loops development	This technique creates the route fluctuations
Mulla et al.[25]	M-DSDV	It reduces the increased routing overhead	This method requires more time for processing

1.4 Work Organization

The developed framework is organized as follows. Section 1 includes the introduction and literature review. Section 2 holds the overall methods and process in vampire attack detection. Section 3 includes the results, Sect. 4 highlights the discussions, and Sect. 5 includes the conclusion with future works.

2 Methods

2.1 Problem formulation

WSN is integrated with sensor devices, and a great deal of research has been needed to enhance survivability. The arrival of vampire attacks consumes more energy in the network, and the entire transmission is affected. The strength of the attack is measured based on the consumed energy on the malicious node with respect to the honest nodes, where the size of the packets is initially considered as constant. Some types of vampire attacks allow a single packet to traverse the same set of nodes. Furthermore, vampire attacks increase the packet length and the path, affecting the network transmission. Generating a secure strategy for detecting the vampire attacks and preventing the nodes is essential. The entire sensor network depends on the battery power of the nodes. Battery replacement and recharging are impossible in most applications, and hence, the lifetime of the network is greatly affected. These problems are considered in this work to improve transmission performance with higher security in WSN.

2.2 System model: WSN

WSN is helpful for transmitting the data packets from one place to another. The WSN area is in various sensing fields, where the sensor nodes are arranged in the respective regions for better communication. In the sensor field, the sensor nodes are strongly deployed and it has the ability to combine data back to the base station. The major parts of sensors are the processing unit, sensing unit, power unit, and transceiver unit. Moreover, sensors consist of some additional application-dependent components such as power generators and location-finding systems. The energy level of these sensor nodes is determined before and after data transmission. But, the networks are badly affected by various attacks like vampire attacks and their severity is easily identified through their energy level in sensor nodes. Drainage of power in the sensor nodes leads to node failure, and it totally affects the entire network. Data loss due to these vampire attacks is high. Avoiding vampire attacks increases the life of the sensor nodes and the network. Hence, the detection of vampire attacks is important in many applications. The system model of WSN with sensor nodes is depicted in Fig. 1.

Fig. 1

System model of WSN with sensor nodes

Full size image

2.3 Dataset information

Different characteristic details regarding the dataset used in vampire attack detection in WSN are discussed as follows in Table 2.

Table 2

Representation of characteristic details of the dataset for vampire attack detection approach

Aspect	Description
Source	Synthetic dataset generated through WSN simulation. No real-world deployment is used
Domain	WSN under vampire attack condition
Input Features	Node energy levels, node broadcast count, length of routing path, and packet received ratio are selected using E-PFOA
Output Classes	Binary outcome as a vampire attack node or a benign node
Dataset Size	Here, the experiments were run with k-fold (k = 5) cross-validation, which indicates that the dataset is a large
Class Balance	It is a balanced dataset, which equally distributes the benign and vampire attack instances, ensured at the simulation phase
Availability	Not publicly available, it is a simulation-based dataset

2.4 Developed vampire attack detection technique in WSN

Most of the routing protocols in WSN concentrate on the determination of energy-efficient routes, and it does not have the ability to evaluate the vulnerability. Hence, a secure routing procedure is needed in WSN because many security threats affect the entire performance of the network. They compromise the packet information and saturate the network communication. The vampire attacks are resource depletion attacks, and they need to be detected from the nodes before transmitting the information. Unnecessary packet bombarding is happening in the network because of these vampire attacks. Most of the detection strategies in WSN modify the header information and generate an extra load in the nodes. If the vampire attacks are not detected efficiently, they target the most critical point of sensor nodes, like their batteries and the whole network are damaged. These issues are taken into consideration in WSN during vampire attack detection, and hence, a deep learning-assisted vampire attack detection method is developed. The structural model of the proposed vampire attack detection strategy is depicted in Fig. 2.

Fig. 2

Diagrammatic illustration of designed vampire attack detection framework

Full size image

In this research work, a new vampire attack detection strategy is developed for detecting vampire attacks in WSN to avoid the drainage of battery power. The data transmission performance is also enhanced by identifying the vampire attacks. The energy consumption of sensor nodes is minimized, and lifetime of WSN is increased due to the detection of vampire attacks. Initially, the node information from the WSN is collected. Next, the optimal features from the raw data are selected through the implemented E-PFOA strategy. These selected features from the nodes are helpful for the detection of vampire attacks, and this selection strategy maximizes the relief score. Then, the optimally selected features are applied to the EDN model for detection purposes, where networks such as RNN, LSTM, GRU, and TCN are employed for constructing the model. These deep networks finally produced a detection score over the vampire attacks separately. These vampire attack detection scores are finally ensemble through the fuzzy ranking approach based on the membership function. The vampire attacks are detected in the nodes, and then it is prevented by avoiding the nodes during data transmission. Hence, it does not drain the battery power and does not broadcast all the information to various destinations. Hence, better communication is achieved in WSNs with higher security. The resultant outcomes obtained from this vampire attack detection model are validated with the traditional models to show its communication performance.

2.5 Optimal feature selection

In the optimal feature selection phase, raw data ${\text{Da}}_{g}^{{{\text{ip}}}}$ are used as the input, and the features are selected optimally through E-PFOA. The stream of data flow between the sensor nodes is initially considered for performing communication among the nodes. An insufficient number of messages are transmitted between the nodes and are aggregated. The information about the routing paths is not presented in the routing messages, but it contains information about the source and destination. The communication is performed in the network based on the route request message to its neighboring nodes. If the destination receives the forwarded message, it sends a route reply. The message is back to the originator if it does not send the route reply. Hence, the communication is performed in WSN a bidirectional manner. If a new route is selected, then the source node sends a fresh message to secure the communication. The vampire attacks affect the entire communication by injecting false data. The required data from the sensor nodes are collected initially, and the optimal features are selected through the developed E-PFOA for enhancing the attack detection performance. The attack strength is determined based on the usage of the network energy ratio. The optimal selection of features maximizes the relief score.

The objective function of this optimal feature selection process is provided in Eq. (1).

$${\text{obj}} = \mathop {\arg \,\min }\limits_{{\left\{ {{\text{op}}_{{\text{n}}} } \right\}}} \left( {\frac{1}{{{\text{Re}}_{{{\text{sc}}}} }}} \right)$$

(1)

The term ${\text{Re}}_{{{\text{sc}}}}$ defines the relief score during the detection process, and the term ${\text{op}}_{n}$ represents the optimally selected features in the interval between $\left[ {1,50} \right]$. The feature score is calculated by the measure relief score, and it selects the top-scoring features for the feature selection process.

The relief score value is given in Eq. (2).

$${\text{Re}}_{{{\text{sc}}}} \left( f \right) = W_{f} - \left( {{\text{inp}}_{f} - {\text{nearhit}}_{f} } \right)^{2} + \left( {{\text{inp}}_{f} - {\text{nearmiss}}_{f} } \right)^{2}$$

(2)

The index of the components is denoted as $W_{f}$, the nearby instances of the same classes are represented as ${\text{nearhit}}_{f}$, and the closest different class instances are indicated by the term ${\text{nearmiss}}_{f}$. The term ${\text{inp}}_{f}$ denotes the input data. Finally, the optimally selected features are specified as ${\text{Fe}}_{f}^{{{\text{op}}}}$, which is considered as the input to the vampire attack detection phase.

2.6 Designed E-PFOA

2.6.1 Purpose

An efficient optimization technique named E-PFOA is employed in this research work to enhance the vampire attack detection efficiency. The most important features from the input data are selected optimally by the proposed E-PFOA. Here, the relief score in the network is enhanced, which supports selecting the optimal features. The E-PFOA is the advanced version of PFOA [26], which is designed by updating the random parameters according to the fitness related to the best and worst.

2.7 Need for implementing E-PFOA

Presently, various optimization techniques are employed to tune the parameters in the network. Among all the optimization models, particle swarm optimization (PSO) [41] and genetic algorithm (GA) [42] are commonly used by researchers as they offer better efficiency in the search spaces. PSO uses the simple implementation procedure, and it is also good at handling complex tasks. It maintains higher robustness in the network while using the noisy information. Moreover, it is good at identifying the high-resolution outcomes in the search space. Yet, its convergence rate is poor in the higher-dimensional regions. In some cases, they easily get stuck in the local optimal spaces. Hyperparameter settings in the network lead to sensitivity-related issues. Finding the optimal solutions is affected due to poor convergence issues. Another commonly used optimization technique is GA, which is designed to resolve the multi-objective optimization-based issues. GA has higher global search efficiency and also accomplishes optimal outcomes in the search space without getting trapped in the local optima space and affecting the robustness. Moreover, their flexibility is good in a wide range of applications and also maintains robustness in the large search space. Yet, its computational expense is higher and also takes more time to tackle several issues in the search space. In some cases, they lead to premature convergence issues while identifying the global optimal outcomes. Considering defined fitness function in the network leads to slow convergence and suboptimal outcomes. These kinds of issues presented in the classical optimization scheme affect the vampire attack detection model. So, PFOA is suggested to be used in this research work, which is designed by considering the foraging characteristics of piranha. PFOA is selected because of its local trap-avoiding ability in the problem space. The optimization problems are effectively solved by this PFOA in the multi-dimensional complex search spaces. Moreover, it maintains better balancing among the exploitation and exploration phases. However, PFOA easily gets trapped in the local optima issues and also fails to maintain better balancing between exploitation and exploration. In addition, they may be prone to premature convergence issues, which stop searching in the search space. In order to tackle several issues presented in the classical PFOA, random variables presented in the PFOA are improved by the novel concept and the developed model is indicated as E-PFOA.

2.8 Novelty

The convergence rate of PFOA is further improved by upgrading the random variable $\kappa_{1}$ based on the worst and best fitness values. The process of random parameter updating is given in Eq. (3).

$$\kappa_{1} = \frac{{{\text{Fitcurrent}}}}{{\left( {\text{Fitbest + Fitworst}} \right)}}$$

(3)

The current fitness value is indicated as ${\text{Fitcurrent}}$, the best fitness value is represented as ${\text{Fitbest}}$, and the worst fitness value is denoted as ${\text{Fitworst}}$. The upgraded random parameter is represented as $\kappa_{1}$. The best optimal solution is attained by the implemented E-PFOA.

2.9 Advantages of E-PFOA

Tuning the random parameter in developed E-PFOA is good for maintaining higher exploration in the search spaces and also protects the entire network from the local optimal issues. Moreover, it effectively reduces the sensitivity by observing various parameter configurations. In addition, the overall robustness of the network is improved and also suggested to use it in a wide range of applications. The convergence speed of the network is further enhanced with higher solution quality with simple implementation procedures.

PFOA [26]: It is a meta-heuristic algorithm used for solving continuous optimization problems. Initialization of population, evaluation of parameters, and updating position are the important steps in this PFOA. Here, $r_{x}$ represents the position vector of the piranhas. The position initialization of each individual in the problem space is given in Eq. (4).

$$r_{x} = {\text{lrB}}_{x} + \kappa_{1} \times \left( {{\text{urB}}_{x} - {\text{lrB}}_{x} } \right)$$

(4)

The location of $x^{{{\text{th}}}}$ the individual in the search space is indicated by $r_{x}$, the lower boundaries are denoted by ${\text{lrB}}_{x}$_, and the upper boundaries are indicated by $urB_{x}$. The random parameter lies in the interval between $\left[ {0,1} \right]$ is denoted by $\kappa_{1}$.

Piranhas are highly sensitive to blood; this behavior influences the concentration of blood $C_{x}$ and the distance between the piranha and prey $D_{x}$. Based on the blood concentration, the piranhas swim, and the concentration of blood is given in Eq. (5).

$$C_{x} = \kappa_{2} \times \frac{{Y_{x} }}{{4\pi D_{x}^{2} }}$$

(5)

$$D_{x} = r_{{{\text{prey}}}} - r_{x}$$

(6)

$$Y_{x} = \left[ {r_{x} \left( u \right) - r_{x + 1} \left( u \right)} \right]^{2}$$

(7)

The term $Y$ indicates the source intensity, and $\kappa_{2}$ represents the random number in between $\left[ {0,1} \right]$.

The nonparametric control parameter is used to perform a global search, which is indicated in Eq. (8).

$$Q = E.\cos \left[ {\frac{\pi }{2} \otimes \left( {\frac{q}{{{\text{itr}}_{{{\text{max}}}} }}} \right)} \right]^{4}$$

(8)

The term $E$ represents the constant term, and the term ${\text{itr}}_{{{\text{max}}}}$ denotes the maximum number of iterations.

The reverse escape strategy is used for changing the population direction based on the Flag $G$. The local trapping phenomenon is resolved by using this parameter, and this is described in Eq. (9).

$$G = \left\{ {\begin{array}{*{20}c} 1 & {\kappa_{3} \le 0.5} \\ { - 1} & {\kappa_{3}> 0.5} \\ \end{array} } \right.$$

(9)

The random number in between $\left[ {0,1} \right]$ is indicated as $\kappa_{3}$. Finally, the location of piranhas is updated.

Piranhas attack the prey when they are hungry, and it is mathematically shown in Eq. (10).

$$r_{x} \left( {u + 1} \right) = \varpi_{1} \sum\limits_{l = 1}^{{{\text{gd}}}} {\frac{{P_{l} \left( u \right) - r_{x} \left( u \right)}}{{{\text{gd}}}}} - r_{{{\text{prey}}}} \left( u \right)$$

(10)

The term ${\text{gd}}$ represents the randomly created integer, $r_{x} \left( {u + 1} \right)$ is the novel position of search agents, and local population is indicated as $P_{l} \left( u \right)$.

Piranhas have a special taste on blood, and they change their position based on the blood concentration. The better position in cluster attack pattern is indicated in Eq. (11).

$$\begin{aligned} r_{x} \left( {u + 1} \right) = & \lambda_{1} * e^{{\lambda_{2} }} * r_{prey} \left( u \right) + H * r_{prey} \left( u \right) * G * C_{x} \\ & + G * \kappa_{4} * Q * C_{x} \\ \end{aligned}$$

(11)

The new location of the search agent based on blood connotation is indicated as $r_{x} \left( {u + 1} \right)$, and $\lambda_{1} s$ as well as $\lambda_{2}$ are the integers in the range between $\left[ { - 2,2} \right]$ and $\left[ { - 1/2,1/2} \right]$. The coefficient for foraging ability is denoted as $H$.

Piranhas break away from the group because of their poor vision during foraging, and this scavenging behavior is modeled in Eq. (12).

$$r_{x} \left( {u + 1} \right) = \frac{1}{2}\left[ {e^{{\lambda_{2} }} * r_{B1} \left( u \right) - H * r_{{{\text{prey}}}} \left( u \right)} \right]$$

(12)

The parameter $H$ is utilized to change the search agent’s position, and the term $r_{B1} \left( u \right)$ is the agent $B_{1}$st position to be randomly selected, where $B_{1} \ne x$.

The survival rate of piranhas is initially calculated to maintain the diversity of the population, which is illustrated in Eq. (13).

$${\text{surRate = }}\frac{{{\text{fitness}}\left( {{\text{max}}} \right){\text{ - fitness}}\left( x \right)}}{{{\text{fitness}}\left( {{\text{max}}} \right){\text{ - fitness}}\left( {{\text{min}}} \right)}}$$

(13)

The offspring population reproduced is mathematically expressed in Eq. (14).

$$r_{x} \left( {u + 1} \right) = r_{{{\text{prey}}}} \left( u \right) + \frac{1}{2}\left\{ \begin{gathered} \left[ {r_{B1} \left( u \right) - H * r_{B2} \left( u \right)} \right] \hfill \\ - \left[ {\left[ {r_{B2} \left( u \right) - H * r_{B3} \left( u \right)} \right]} \right] \hfill \\ \end{gathered} \right\}$$

(14)

The position of the prey is denoted by $r_{{{\text{prey}}}} \left( u \right)$, and the terms $r_{B1} \left( u \right)$,$r_{B2} \left( u \right)$ and $r_{B3} \left( u \right)$ represent the randomly selected agent’s position.

Algorithm 1: Proposed E-PFOA

Full size image

2.10 Formulation of EDN-based vampire attack detection

2.10.1 Purpose of EDN

A new vampire attack detection model EDN is implemented in this research work for the identification of attacks in the WSN. The developed EDN is an ensemble approach, which is designed by considering different deep learning networks like TCN, RNN, GRU, and LSTM. Using an ensemble vampire attack detection model for the WSN helps to handle the network from complex and dynamic threats and also collects the required patterns by adapting the dynamic changes. Moreover, it supports reducing the false positive rates for attaining better decision-making.

2.10.2 Need for EDN

In the developed EDN-based vampire attack detection model, different techniques like TCN, RNN, GRU, and LSTM are used for the implementation. RNN is good at collecting the temporal dependencies and also recognizing the most significant patterns over time sequences. It has the ability to process the information presented in the prior steps and also quickly process the sequential data. Yet, RNNs are prone to vanishing gradient issues and also take more time to learn the required details from the sequences. Moreover, it has limited memory with low processing speed and also their training procedures are complicated. Thus, to rectify these issues LSTM is employed, which is good at handling the longer-term dependencies for remembering the prior information and also effectively manages the information flow. In addition, it effectively maintains the flexibility of the network over different variable lengths and supports to maintain the time series forecasting. However, their implementation expenses are higher, and they also process the data samples slowly. Network complication is increased due to the enormous memory requirement while processing the large samples. In some cases, they are prone to overfitting issues while training procedures are executed and also lead to poor generalization among the unseen data. Hence, to tackle these issues, GRU is suggested to use in the network as it has quick training efficiency. The architecture of GRU is simple and also good in handling large dependencies by maintaining proper training to address the vanishing gradient issues. Moreover, it effectively reduces the overfitting problems by maintaining higher stability in the network. Yet, they are lagging in collecting the most suitable patterns with higher understanding rates. In some cases, they are limited to interpretability. It wasn’t able to maintain better balancing in different classes, and also managing the memory is complex. In order to rectify all these problems, TCN is considered which is capable of minimizing the training time and also effectively maintains the flexibility while collecting the longer-range dependencies. This technique supports parallel processing with a proper training procedure. It is suitable to use in real-time detection by avoiding information loss. Yet, their real-world performance is low and also complicated to identify the relationship among the events. Moreover, it needs to tackle generalization issues under a wide range of conditions. Hence, it is important to tackle several issues that arise takes place in the prior technique, a new ensemble technique EDN is implemented by considering the strengths of RNN, LSTM, GRU, and TCN, which supports accomplishing better vampire attacks in WSN.

2.10.3 Working of EDN

In the developed EDN-based vampire attack detection model, optimally selected features ${\text{Fe}}_{f}^{{{\text{op}}}}$ are used as the input. Here, the inputs are given to RNN, LSTM, GRU, and TCN. Next, the 1st set of attack detected scores is attained from RNN, 2nd set of attack detected outcomes is obtained from LSTM, 3rd set of attack detected outcomes is acquired from GRU and 4th set of attack detected scores is gathered from TCN. Next, the attained four sets of detected scores are forwarded to the fuzzy ranking phase. Here, a fuzzy ranking procedure is used to execute the vampire attack detection procedure and accomplish the vampire attack detection outcome for WSN.

2.10.4 Advantages of EDN over individual model

The developed EDN is designed by considering RNN, LSTM, GRU, and TCN. RNN is good in processing sequential information, and also it is good at remembering prior information. But, the developed EDN is efficient at accomplishing better vampire attack detection efficiency by tackling the overfitting issues. Moreover, it maintains higher robustness over the noisy information and also effectively reduces the errors. LSTM is better at handling the gradient vanishing issues and improves the network adaptability. The EDN is good at maintaining network flexibility and also capable of handling higher-dimensional information. When compared to individual learning models, the detection performance of EDN is greatly enhanced for complex classes. The variance and bias of this EDN are lower and achieve higher vampire attack detection efficiency under the varying environmental factors. The hidden threats are easily detected through EDN, and it is recommended for detecting the vampire attacks.

The basic network details of RNN, LSTM, GRU, and TCN are utilized for constructing the ensemble network for detecting the vampire attacks are detailed as follows.

RNN [27]: RNN is developed based on ANN, and it has the ability to deal with temporal data for providing better detection outcomes. The input vectors are directly mapped to the output vector for processing diverse input sizes. Based on the history of input, it produces output at the end. Input, hidden, and output are the three layers present in RNN. The optimally selected feature ${\text{Op}}_{n}$ is given as the input, $r_{n}$ is the hidden state value, and ${\text{Ts}}_{n}$ is the output. These three variables are determined based on the time step. Previously hidden state values are helpful for the determination of the output value. The hidden state function is mathematically represented in Eq. (15).

$$r_{n} = \varsigma \left( {W_{{{\text{opr}}}} {\text{Op}}_{n} + W_{{{\text{rr}}}} {\text{Op}}_{n} + {\text{bi}}_{r} } \right)$$

(15)

The output state values are provided in Eq. (16).

$${\text{Ts}}_{n} = W_{{{\text{rts}}}} r_{n} + {\text{bi}}_{{{\text{ts}}}}$$

(16)

The weight matrix is denoted by the term $W$,$\varsigma$ is the nonlinearity function, and the term ${\text{bi}}_{r}$ as well as ${\text{bi}}_{{{\text{ts}}}}$ is the hidden state and output state biases. The mapping between functions is carried out in the hidden layer to solve the gradient issues. Finally, it produces a prediction score about the vampire attacks in WSN.

LSTM [27]: The gradient vanishing problems are solved using LSTM. Here, the memory cell is presented to learn the information from the inputs and store the information in short as well as long-term memory. The optimally selected feature ${\text{Op}}_{n}$ is given as input. The previous memory cell state input and hidden state value are represented by the terms $m_{n - 1}$ and $r_{n - 1}$, respectively.

The hidden state value from the previous state is reset by the forget gate, and it is no longer utilized in the current memory cell. The value added in the cell state is preferred by the write gate, and the input gates perform the writing process. Moreover, the input gate decides the amount of information needed to be added in the cell state. The functions related to input, hidden state, and cell state are given as following expressions.

$${\text{fo}} = \varsigma \left( {W_{{{\text{opfo}}}} {\text{Op}}_{n} + W_{{{\text{rfo}}}} r_{n - 1} + W_{{{\text{mfo}}}} m_{n - 1} + {\text{bi}}_{{{\text{fo}}}} } \right)$$

(17)

$${\text{st}} = \tanh \left( {W_{{{\text{opst}}}} {\text{Op}}_{n} + W_{{{\text{rst}}}} r_{n - 1} + {\text{bi}}_{{{\text{st}}}} } \right)$$

(18)

$${\text{it}} = \varsigma \left( {W_{{{\text{opit}}}} {\text{Op}}_{n} + W_{{{\text{rit}}}} r_{n - 1} + W_{{{\text{mit}}}} m_{n - 1} + {\text{bi}}_{{{\text{it}}}} } \right)$$

(19)

$${\text{pu}} = \varsigma \left( {W_{{{\text{oppu}}}} {\text{Op}}_{n} + W_{{{\text{rpu}}}} r_{n - 1} + W_{{{\text{mpu}}}} m_{n - 1} + {\text{bi}}_{{{\text{pu}}}} } \right)$$

(20)

The standard sigmoid activation function is denoted by $\varsigma$, which ranges between $\left[ {0,1} \right]$. No information is passed through in the gate when it lies between 0 and all the information is passed through the gate when it contains the value of 1. The term $W$ indicates the weight matrices of its corresponding states, which are helpful for mapping cell state information to the previous states. These gates play a significant role in controlling the information. The newly updated cell state value by forgetting the previous cell state is given in Eq. (21).

$$m_{n} = {\text{f}}o * m_{n - 1} + {\text{it*st}}$$

(21)

The amount of value produced based on the new cell value is expressed in Eq. (22).

$$r_{n} = {\text{pu}} * \tanh \left( {m_{n} } \right)$$

(22)

Finally, the vampire attack is detected by this LSTM model.

GRU [28]: It is slightly simpler than LSTM, and it consists of two gates, such as an update gate and a reset gate. The flow of information carried over the current state is controlled using the update gate, and the information to be ignored from the previous state is controlled through the reset gate. A huge amount of information is lost when the value of the update gate is larger. More information is ignored when the value of the reset gate is smaller. The frequent activation of reset gates accompanies short-term dependencies, and the frequent activation of update gates accompanies the long-term dependencies. The GRU gate function is represented in the following expressions.

$${\text{st}}_{n} = \varsigma \left( {W_{{{\text{st}}}} \cdot \left[ {r_{n - 1} ,{\text{op}}_{n} } \right]} \right)$$

(23)

$$m_{n} = \varsigma \left( {W_{m} \cdot \left[ {r_{n - 1} ,{\text{op}}_{n} } \right]} \right)$$

(24)

$$\tilde{r}_{n} = \tanh \left( {W_{\dddot r} \cdot \left[ {{\text{st}}_{n} * r_{n - 1} ,{\text{op}}_{n} } \right]} \right)$$

(25)

$$r_{n} = \left( {1 - m_{n} } \right) * r_{n - 1} + m_{n} * \tilde{h}_{n}$$

(26)

$${\text{pu}}_{n} = \varsigma \left( {W_{{{\text{pu}}}} \cdot r_{n} } \right)$$

(27)

The logistic activation function is represented by the term $\varsigma$,$op$ is the optimally selected feature applied to the GRU model,$r_{n}$ is the previously hidden state value $W_{{{\text{st}}}}$, $W_{m}$,$W_{\dddot r}$ and $W_{{{\text{pu}}}}$ are the weight matrices of the reset gate, update gate, hidden state, and output gate. The matrix multiplication between two vectors is performed to provide the vampire attack detection outcome by the GRU.

TCN [29]: The bottleneck effect in recurrent models is solved by the TCN method. The fully CNN gives the same length of output sequence when compared to the input. The residual and dilated connections in the TCN provide efficient vampire detection outcomes. The optimally selected features are forwarded as the input to TCN. The detection ability of TCN is high when compared to other recurrent models. The receptive field of input is enlarged with the usage of dilated convolutions in TCN. The input sequence is represented as ${\text{op}} \in \Re^{n}$, the elements on the dilated convolution operation are indicated by $G$_, and the convolution filter is denoted as $f:\left\{ {0,1,...,t - 1} \right\} \to \Re$. The TCN operation ends with an index of the sequence $z$ given in Eq. (28).

$$G\left( z \right) = \left( {{\text{op}} *_{d} f} \right)\left( z \right) = \sum\limits_{j = 0}^{t - 1} {f\left( j \right)} \cdot {\text{op}}_{z - d \cdot j}$$

(28)

The size of the convolution filter is represented as $t$, the dilation factor is denoted as $d$, and the index of the element based on the input is represented as $z - d \cdot j$. The dilation factor is further improved with regard to the network depth. More suggested detection outcomes are provided with the support of this TCN model, and the interpretabilities of the TCN method are also high.

The structural depiction of the implemented EDN-based vampire attack detection scheme for WSN is given in Fig. 3.

Fig. 3

Representation of proposed EDN-aided vampire attack detection technique in WSN

Full size image

2.11 Fuzzy-based detection score for detecting vampire attack

The vampire attack detection outcome is separately attained from the ensemble models such as RNN, LSTM, GRU, and TCN. Different vampire attack detection outcomes are obtained from these models. The detection scores attained from these networks are ensembled to get the final detection score. The vampire attack detection scores from these models are subjected to the fuzzy ranking approach for attaining the final vampire attack detection results. The detection results are attained by defining the ranking function. More than two fuzzy numbers are evaluated through the membership function. Fuzzy logic [30] performs well in the decision-making process; hence, it is suggested for providing ensemble detection outcomes. In the fuzzy ensemble approach, the class probability or confidence score of detection of each base learner is assumed to obtain the final detection results for each sample [40]. The fuzzification concept is described based on operations, numbers, relations and transformation of values in a fuzzy set. The fuzzy set of information is transformed into the numerical form of data using the defuzzification concept.

The membership function estimates the defuzzified value. In a fuzzy set, each object has a degree of membership that lies in between the values of 0 and 1. The fuzzy set $S$ for the input $Y$ is defined in the following Eq. (29).

$$S = \left\{ {y,\mu_{s} \left( y \right):y \in Y} \right\}$$

(29)

The membership function of $y$ in fuzzy set $S$ is represented by the term $\mu_{s} \left( y \right)$ that ranges in between $\left[ {0,1} \right]$. The final detection value is defined in Eq. (30)

$$\mu_{s} \left( y \right) = \left\{ {\begin{array}{*{20}c} {1,} & {y\,\,{\text{is}}\,\,{\text{strongly}}\,{\text{in}}\,S} \\ {\left( {0,1} \right),} & {y\,\,{\text{is}}\,\,{\text{partially}}\,{\text{in}}\,S} \\ {0,} & {y\,{\text{is}}\,{\text{not}}\,{\text{in}}\,S} \\ \end{array} } \right.$$

(30)

The final vampire attacks detection outcome is produced based on the membership function.

2.11.1 Working of fuzzy ranking

In the developed vampire attack detection model, the fuzzy ranking technique is employed in the attack detection procedures. Initially, the training procedure is carried out in the ensemble deep learning model and accomplished a predicted score. Next, the predicted score attained from each technique, such as RNN, LSTM, GRU, and TCN, is ranked according to its value. Then, the fuzzy ranking procedure is carried out to obtain the fuzzy weights for RNN, LSTM, GRU and TCN. Here, Rank 1 indicates the high membership value, Rank 2 represents the medium membership value, Rank 3 specifies the low membership value, and Rank 4 denotes the very low membership values for the ensemble technique, such as RNN, LSTM, GRU, and TCN. The fuzzy weights support obtaining more accurate decision-making and are also efficient in handling the uncertainties presented in the data to offer reliable outcomes. Generally, the fuzzy ranking is used widely to execute the multi-criteria decision-making in complex cases. Further, the fuzzy weighted aggregation procedure is carried out by considering the weights and the prediction score. In this phase, expert opinions as well as qualitative information are considered for better decision-making. Here, the fuzzy information displays the fuzzy ratings used for the alternatives. At the end, final scores are compared with the threshold value for multi-class prediction and provide accurate vampire attack detection outcomes by considering the higher values.

3 Results

3.1 Experimental setup

The execution of the developed vampire attack detection process was carried out through Python. The maximum number of iterations, chromosome length, and entire population count utilized for the proposed vampire detection approach were 50, 10, and 10, respectively. This approach was evaluated with existing methods to check the efficiency of the investigated model. The classifiers, including RNN [31], LSTM [32], GRU [33], and TCN [34], were used to validate the performance of the developed technique. Eurasian oystercatcher optimization (EOO) [35], light spectrum optimizer (LSO) [36], horse herd optimization algorithm (HHOA) [37], and PFOA [26] were the algorithms considered to evaluate the performance of the suggested vampire detection approach. In order to enhance reproducibility, the code has been uploaded to GitHub, which is available at the link: https://github.com/sumanthvmani/Vampire-Attack-Detection-/tree/main.

Moreover, the various simulation details such as activation function, layer count in EDN, training setting, and hardware details for training associated with the developed vampire attack detection model are offered in Table 3.

Table 3

Simulation details of the developed vampire attack detection approach in WSN

Information about deep network architecture-EDN
Basic Model	Layer Configuration	Units	Activation Function	Outcomes
RNN [31]	Inputs are forwarded to the RNN 1st layer, and move to the dropout layer, then forward to the RNN 2nd layer and finally move to the dense layer	64 to 64	Tanh is the hidden layer, and sigmoid is the final layer	Binary class probability
LSTM [32]	Inputs are given to the LSTM 1st layer and move to the dropout layer, then provided to the LSTM 2nd layer, and finally move to the dense layer	128 to 64	Tanh is the cell state, and sigmoid for gates final processing	Binary class probability
GRU [33]	Inputs are provided to the 1st GRU layer, and then it goes to the dropout layer. Next, given to the 2nd GRU layer and finally forwarded to the dense layer	128 to 64	Tanh is the hidden layer, sigmoid includes the reset and update gates and then final classification is performed in sigmoid	Binary class probability
TCN [34]	Inputs are given to the 1st residual conv block and forwarded to the 1st residual conv block. Later, global average pooling is carried out and forwarded to the dense layer	Conv 1d filters-64, kernel 3 and dilation 1 and 2	ReLU is the conv layer, and Sigmoid is the final layer	Binary class probability
Fuzzy Ranking	Combine the outcomes of RNN, LSTM, GRU and TCN	–	Fuzzy membership function	Final Attack Classification
Training Setting for EDN
Parameter	Setting	Explanation
Optimizer	Adam	Widely used in LSTM, RNN, GRU, and TCN and offers an adaptive learning rate for faster convergence
Loss Function	Binary cross-entropy	Considered for binary classification, like a vampire attack (1) and a benign node (0)
Learning Rate	0.001 (1 e⁻³)	Default value for Adam optimizer and also effectively balances the convergence between stability and speed
Batch size	32 (sometimes 64)	32 for good generalization and 64 for GPU efficiency
Epochs	Up to 150	Epoch-based validation is carried out in experiments
Validation Strategy	fivefold Cross Validation	Ensure higher generalization and robust validation
Callbacks	Early stopping (Save the best model)	Tackles the overfitting and saves the good weights
Hardware used for Training
Hardware Aspect	Details
CPU/GPU	NVIDIA GPU such as RTX 3080
RAM	Greater than 16 GB recommended
Software	Python using TensorFlow/Keras or PyTorch

3.2 Performance criteria

The performance metrics used to estimate the efficacy of the developed vampire attack detection approach are given in Eq. (31)-Eq. (39).

$${\text{Accuracy}} = \frac{{T_{{{\text{PV}}}} + T_{{{\text{NV}}}} }}{{T_{{{\text{PV}}}} + T_{{{\text{NV}}}} + F_{{{\text{PV}}}} + F_{{{\text{NV}}}} }}$$

(31)

$${\text{FPR}} = \frac{{F_{{{\text{PV}}}} }}{{F_{{{\text{PV}}}} + T_{{{\text{NV}}}} }}$$

(32)

$${\text{Precision}} = \frac{{T_{{{\text{PV}}}} }}{{T_{{{\text{PV}}}} + F_{{{\text{PV}}}} }}$$

(33)

$${\text{NPV}} = \frac{{T_{{{\text{NV}}}} }}{{T_{{{\text{NV}}}} + F_{{{\text{NV}}}} }}$$

(34)

$${\text{F1 - score}} = \frac{{2T_{{{\text{PV}}}} }}{{2T_{{{\text{PV}}}} + F_{{{\text{PV}}}} + F_{{{\text{NV}}}} }}$$

(35)

$${\text{MCC}} = \frac{{T_{{{\text{PV}}}} \times T_{{{\text{NV}}}} - F_{{{\text{PV}}}} \times F_{{{\text{NV}}}} }}{{\sqrt {\left( {T_{{{\text{PV}}}} + F_{{{\text{PV}}}} } \right)\left( {T_{{{\text{PV}}}} + F_{{{\text{NV}}}} } \right)\left( {T_{{{\text{NV}}}} + F_{{{\text{PV}}}} } \right)\left( {T_{{{\text{NV}}}} + F_{{{\text{NV}}}} } \right)} }}$$

(36)

$${\text{FDR}} = \frac{{F_{{{\text{PV}}}} }}{{F_{{{\text{PV}}}} + T_{{{\text{PV}}}} }}$$

(37)

$${\text{Specificity}} = \frac{{T_{{{\text{NV}}}} }}{{T_{{{\text{NV}}}} + F_{{{\text{PV}}}} }}$$

(38)

$${\text{Sensitivity}} = \frac{{T_{{{\text{PV}}}} }}{{T_{{{\text{PV}}}} + F_{{{\text{NV}}}} }}$$

(39)

Here, true positive, false negative, false positive, and true negative values are indicated as $T_{{{\text{PV}}}}$,$F_{{{\text{NV}}}}$,$F_{{{\text{PV}}}}$, and $T_{{{\text{NV}}}}$, respectively.

3.3 Performance analysis of the proposed vampire attack detection model

The capability of the recommended deep learning-aided vampire attack detection approach in WSN is evaluated among other classifiers to ensure its efficacy. The graphs in Fig. 4 show the outcomes of the designed E-PFOA-EDN-based vampire attack detection model with respect to various measures by varying the epochs. The precision of the suggested E-PFOA-EDN is 6.31%, 8.42%, 5.26%, and 4.73% higher than RNN, LSTM, GRU, and TCN, respectively, for the epoch size of 150. The potential of the developed vampire detection model is estimated using epoch-based analysis. Thus, the results showed that the presented model has the ability to save network features including power and bandwidth also improves the routing path by effectively recognizing the vampire attacks in WSN.

Fig. 4

Performance validation on developed vampire attack detection scheme in WSN among other techniques in terms of a Precision, b FPR, c NPV, d Accuracy, e Sensitivity, f F1-score, g Specificity, h MCC, i FPR, and j FNR

Full size image Full size image

3.4 Numerical analysis of the developed vampire attack detection technique

The numerical estimation of the investigated vampire attack detection model is conducted to verify its detection performance. The results of the proposed E-PFOA-EDN are compared with other classifiers by varying the k-fold, and the outcomes are presented in Table 4. The F1-score of the developed E-PFOA-EDN-based vampire attack detection model in WSN is increased over RNN, LSTM, GRU, and TCN with 5.80%, 5.11%, 3.57%, and 5.25% at a k-fold value of 5. The table shows the numerical results for a 5 k-fold analysis for four different existing techniques. The high generalization ability of the proposed vampire attack detection model is proven from the k-fold analysis results.

Table 4

Numerical evaluation on investigated vampire attack detection approach in WSN

Performance measure	RNN [31]	LSTM [32]	GRU [33]	TCN [34]	E-PFOA-EDN
1-Kfold
Sensitivity	90.39216	89.41176	90.58824	91.96078	95.68627
Specificity	89.13858	90.82397	91.38577	91.38577	94.75655
NPV	90.66667	89.98145	91.04478	92.24953	95.83333
FDR	11.17534	9.70297	9.055118	8.932039	5.426357
F1-score	89.60155	89.85222	90.76621	91.5122	95.12671
MCC	79.51103	80.2571	81.98183	83.33202	90.4249
2-Kfold
Sensitivity	88.86311	90.0232	91.18329	93.96752	96.05568
Specificity	88.43537	90.70295	90.92971	90.70295	94.78458
NPV	89.0411	90.29345	91.34396	93.89671	96.09195
FDR	11.75115	9.55711	9.237875	9.192825	5.263158
F1-score	88.55491	90.23256	90.97222	92.36032	95.39171
MCC	77.29421	80.73125	82.10954	84.68718	90.83453
3-Kfold
Sensitivity	91.7847	90.65156	90.93484	91.7847	96.03399
Specificity	89.44444	88.88889	91.66667	91.66667	95
NPV	91.73789	90.65156	91.16022	91.92201	96.06742
FDR	10.49724	11.11111	8.547009	8.474576	5.042017
F1-score	90.62937	89.76157	91.19318	91.65488	95.49296
MCC	81.2349	79.54045	82.60736	83.4494	91.0297
4-Kfold
Sensitivity	91.90141	90.14085	91.90141	91.90141	94.71831
Specificity	88.72727	90.90909	91.63636	94.90909	96
NPV	91.38577	89.92806	91.63636	91.90141	94.62366
FDR	10.61644	8.896797	8.098592	5.090909	3.928571
F1-score	90.625	90.61947	91.90141	93.38104	95.39007
MCC	80.69897	81.0406	83.53777	86.8105	90.7067
5-Kfold
Sensitivity	90.05236	92.1466	92.67016	90.57592	96.85864
Specificity	91.62562	90.64039	93.10345	92.11823	95.5665
NPV	90.73171	92.46231	93.10345	91.21951	97
FDR	8.994709	9.74359	7.329843	8.465608	4.639175
F1-score	90.52632	91.19171	92.67016	91.05263	96.1039
MCC	81.70748	82.75285	85.77361	82.72402	92.39298

3.5 ROC estimation

The performance of the developed classification approach is verified by taking an ROC curve analysis. The true positive rate of the designed E-PFOA-EDN-aided vampire attack detection scheme in WSN is analyzed by varying the false positive rate as 0.0, 0.2, 0.6, 0.8, and 1.0. The true positive range of the proposed model gradually starts increasing at a value of 0.1. The developed detection model attained an ROC curve range higher than 0.8. Hence, the suggested model attained an accurate detection result as proved in Fig. 5.

Fig. 5

ROC curve estimation of the designed vampire attack detection mechanism in WSN using deep learning

Full size image

3.6 Confusion matrix

The performance of the investigated vampire attack detection approach in WSN is evaluated by the confusion matrix, and it is shown in Fig. 6. The accuracy metric is computed by this computation matrix. The actual and predicted values are analyzed to form this confusion matrix. From the confusion matrix graph, it is proven that the proposed model’s detection accuracy is high and it reduces the false recognition rates.

Fig. 6

Visualization of the confusion matrix of the presented vampire attack detection model in WSN

Full size image

3.7 Convergence validation

The cost function of the suggested E-PFOA-EDN-based vampire attack detection approach in WSN is analyzed to check the efficacy of the proposed heuristic approach, which is given in Fig. 7. This evaluation is conducted among other optimization approaches by varying the iteration count. The cost function of the recommended E-PFOA-EDN is 27.5%, 25.0%, 23.7%, and 22.5% better than EOO-EDN, GRO-EDN, HHOA-EDN, and PFOA-EDN at the 10th iteration. For all the iteration counts, the proposed model provides consistent outcomes without any decrease or increase in the cost function. Therefore, the proposed E-PFOA-EDN model outperformed existing optimization approaches.

Fig. 7

Convergence results of the proposed vampire attack detection scheme in WSN

Full size image

3.8 Statistical evaluation among algorithms

The statistical outcomes of the implemented E-PFOA-EDN-based vampire attack detection method in WSN are given in Table 5. The mean value of the investigated E-PFOA-EDN is 33.14%, 41.06%, 37.29%, and 41.52% better than EOO-EDN, GRO-EDN, HHOA-EDN, and HHOA-EDN. When compared to other heuristic approaches, the proposed algorithm has a high ability to improve the efficiency of vampire attack detection in WSN, as shown in table.

Table 5

Statistical results of the proposed deep learning-assisted vampire attack detection model in WSN among existing optimization algorithms

Performance measures	EOO-EDN [35]	GRO-EDN [36]	HHOA-EDN [37]	HHOA-EDN [38]	E-PFOA-EDN
Standard Deviation	0.268924	0.245996	0.288842	0.564305	0.435739
Worst	2.014531	3.131124	2.639694	3.78633	2.595497
Mean	1.349895	1.430146	1.395025	1.434859	1.01383
Best	1.058759	1.331062	1.224196	1.187997	0.788904
Median	1.474069	1.418677	1.381688	1.187997	0.789499

3.9 Statistical and significance testing on the developed model using confidence interval, t test and ANOVA test

Statistical and significance testing carried out in the developed vampire attack detection model over prior techniques are displayed in Table 6. In the statistical analysis phase, validations are carried out by considering the confidence interval. In the accuracy validation, the developed EDN achieved a higher accuracy as 96.1%, which is higher than the classical techniques. Enhancing the accuracy in the EDN-based vampire attack detection model supports identifying the attacks in the beginning phase. In the significance testing phase, paired t test validation is carried out by adjusting the t and p values. Here, the F-statistic values are 45.87 and also the p values are chosen below 0.05. This validation supports to verify the efficiency of the network by reducing the error rates.

Table 6

Statistical testing on the developed vampire attack detection model in WSN

Analysis on confidence interval
Performance Measures	Accuracy	F1-Score	MCC
RNN [31]	90.5 ± 1.2	0.906 ± 0.015	0.817 ± 0.020
LSTM [32]	91.2 ± 1.0	0.912 ± 0.012	0.827 ± 0.018
GRU [33]	92.7 ± 0.9	0.927 ± 0.011	0.858 ± 0.016
TCN [34]	91.0 ± 1.3	0.911 ± 0.017	0.827 ± 0.019
EDN	96.1 ± 0.7	0.961 ± 0.009	0.923 ± 0.012
Significance testing
Testing	Comparison	t values	p values
Paired t test Analysis	EDN vs RNN [31]	t = 15.47	p = 0.0001
	EDN vs LSTM [32]	t = 31.08	p = 0.0000
	EDN vs GRU [33]	t = 17.70	p = 0.0001
	EDN vs TCN [34]	t = 7.24	p = 0.0019
ANOVA Results	F-statistic = 45.87	p value = 0.000000
Performance of the developed model is statistically significant at p < 0.05

3.10 Statistical testing on developed technique using p value test

In this, various statistical validations are carried out in the developed vampire attack detection model over classical techniques are displayed in Table 7. Here, the significance value is set as 0.005, and also the experiments are carried out through the Friedman Aligned Ranks test procedures. In this phase, statistical values are considered and also p value is adjusted to accomplish better outcomes. This validation is good to identify the errors with parametric tests. Moreover, it enhances the flexibility while the asymptotic validations are carried out. This validation supports eliminating the variations that arise among the samples and experimental conditions.

Table 7

Statistical testing on the developed vampire attack detection model in WSN

Evaluation	Statistic	Adjusted p value	Results
RNN [31] vs EDN	1.78885	0.73638	H0 is accepted
GRU [33] vs RNN [31]	1.34164	1
LSTM [32]vs EDN	1.34164
GRU [33] vs LSTM [32]	0.89443
RNN [31] vs TCN [34]
EDN vs TCN [34]
GRU [33] vs EDN LSTM [32] vs RNN [31] LSTM [32] vs TCN [34] GRU [33] vs TCN [34]	0.44721

4 Discussions

In the developed vampire attack detection model, various issues take place while designing, and they are discussed as follows. Model scalability to larger networks: While analyzing the model scalability among the larger networks leads to huge energy consumption, and also requires a high computational load. Monitoring enormous nodes at the communication phase generates more complications, and also the network complexity is increased while detecting the attacks, which need to be tackled in the upcoming research work. Overhead of deploying four DNNs in resource-constrained nodes: Moreover, the network faces the overhead issues while implementing the ensemble DNN models in terms of consuming more energy, network traffic while communication is carried out, and memory issues. Processing ensemble techniques needs more processing power, which slows the inference time and enhances the network latency by consuming huge bandwidth. Potential adversarial attacks on the model: In some cases, the developed technique may be prone to potential adversarial attacks like data poisoning that corrupts the training data and affects the overall integrity. A potential attack arises in the network, creating a chance for evasion attacks that lead to misclassification issues.

5 Conclusion

A new vampire attack detection model has been developed in WSN for detecting malicious activities in the sensing field to avoid the drainage of power at batteries. The communication phase has been used for the detection of vampire attacks based on the packet ID of the source and destination node. The energy level of the nodes has been calculated to identify the severity level of attacks. The optimal features from the nodes have been selected through the proposed E-PFOA that maximized the relief score among the features, and hence, it improved the vampire attack detection performance in a sensor network. The ensemble deep network has been utilized for the detection of vampire activities, where the RNN, LSTM, GRU, and TCN have been suggested for designing the ensemble network. The detection ability of such an ensemble network was high, and the final detection outcome was obtained by suggesting the fuzzy ranking approach to get better detection results. The detection results were validated with the traditional malicious activity detection approaches by using some positive and negative evaluation measures. The sensitivity, specificity, and F1-score of the implemented vampire attack detection model were attained with 96.85%, 95.56%, and 96.10% for the k-fold value of 5, and these values are more extensive than the conventional approaches. The detected nodes are removed from the sensor network to mitigate these vampire attacks to enhance the transmission performance.

5.1 Future works

In the upcoming vampire attack detection model, it is essential to maintain higher scalability among the large network for tackling certain issues, while communication will be carried out in the network. In addition, the overhead issues that arises in the network will be tackled by considering an advanced hybridized technique to detect the vampire attack. Designing a hybridized technique for a vampire attack detection model effectively reduces the memory space and also network traffic. Furthermore, potential adversarial attacks arising in the network will be tackled by considering an encryption mechanism. The information loss ratio is high in the developed vampire attack detection model. This will be concentrated to improve the transmission performance.

Acknowledgements

Not applicable.

Declarations

Not applicable.

Competing interests

The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.

Open Access This article is licensed under a Creative Commons Attribution 4.0 International License, which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence, and indicate if changes were made. The images or other third party material in this article are included in the article's Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the article's Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. To view a copy of this licence, visit http://creativecommons.org/licenses/by/4.0/.

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

previous article HSG-AGTO: A hybrid heuristic optimization approach for energy-efficient cluster head selection for green communication in IoT networks

next article Aerial BS location optimization for monitoring multiple forest areas with uplink UAV throughput requirements

Metadata
Literature

Title: Fuzzy computation on ensemble deep network for the performance of vampire attack detection model in WSN
Authors: M. Sudha
Rajesh Arunachalam
A. Karthikayen
V. Sumanth
Publication date: 29-11-2025
Publisher: Springer International Publishing
Published in: Journal on Wireless Communications and Networking / Issue 1/2026
Electronic ISSN: 3091-4531
DOI: https://doi.org/10.1186/s13638-025-02540-2

M. Dener, C. Okur, S. Al, A. Orman, Wsn-bfsf: A new dataset for attacks detection in wireless sensor networks. IEEE Internet Things J. 11(2), 2109–2125 (2023)

D Udaya Suriya Rajkumar, R Sathiyaraj, A Bharathi, D Mohan, V Pellakuri, Enhanced lion swarm optimization and elliptic curve cryptography scheme for secure cluster head selection and malware detection in IoT-WSN, Scientific Reports 14, 29869 (2024)

V. Shakya, J. Choudhary, D.P. Singh, IRADA: integrated reinforcement learning and deep learning algorithm for attack detection in wireless sensor networks. Multimed. Tools Appl. 83(28), 71559–71578 (2024)

V. Juneja, S.K. Dinkar, A predictive vampire attack detection by social spider optimized Gaussian mixture model clustering. Concurr. Comput. Pract. Exp. 35(2), e7481 (2023)

K. Mahmood, M.N. Fatima, S. Shamshad, Z. Ghaffar, A.K. Das, M.J. Alenazi, A Cost-effective key agreement encryption protocol for securing IIoT-enabled WSN communication. IEEE Internet Things J. 12(5), 5185–5193 (2025)

Q. Xie, Q. Xie, Security analysis on a three-factor authentication scheme of 5G wireless sensor networks for IoT system. IEEE Internet of Things J. 11(8), 15038–15042 (2024)

O.A. Khashan, N.M. Khafajah, W. Alomoush, M. Alshinwan, Innovative energy-efficient proxy re-encryption for secure data exchange in wireless sensor networks. IEEE Access 12, 23290–23304 (2024)

M. Nouman, U. Qasim, H. Nasir, A. Almasoud, M. Imran, N. Javaid, Malicious node detection using machine learning and distributed data storage using blockchain in WSNs. IEEE Access 11, 6106–6121 (2023)

P. Balaji Srikaanth, V. Nagarajan, Semi-Markov chain-based grey prediction-based mitigation scheme for vampire attacks in MANETs. Cluster Comput. 22, 15541–15549 (2019)

10.

G. Kawde, S. Prabhukhanolkar, S. Tonpewar, K. Belorkar, S.K. Patle, C. Vaidya, Detection of vampire attacks in Ad-Hoc wireless sensor network using PLGP protocol. Int. J. Sci. Res. Comput. Sci. Eng. Info. Technol. 9(1), 195–199 (2023)

11.

S. Madhavi, S.M. Udhaya Sankar, R. Praveen, N. Jagadish Kumar, A fuzzy COPRAS-based decision-making framework for mitigating the impact of vampire sensor nodes in wireless sensor nodes (WSNs). Int. J. Inf. Technol. 15, 1859–1870 (2023)

12.

P. Balaji Srikaanth, V. Nagarajan, A fuzzy trust relationship perspective-based prevention mechanism for vampire attack in MANETs. Wirel. Pers. Commun. 101, 339–357 (2018)

13.

R. Arunachalam, E.D.R. Kanmani, Detection and mitigation of vampire attacks with secure routing in WSN using weighted RNN and optimal path selection. Comput. Secur. 145, 103991 (2024)

14.

J. Zhang, WSN network node malicious intrusion detection method based on reputation score. J. Cyber Secur. Mobility 12(1), 55–76 (2025)

15.

K.H.V. Prasad, S. Periyasamy, Secure-energy efficient bio-inspired clustering and deep learning-based routing using blockchain for edge assisted WSN environment. IEEE Access 11, 145421–145440 (2023)

16.

V.K. Singh, D. Sivashankar, K. Kundan, S. Kumari, An efficient intrusion detection and prevention system for DDOS attack in WSN using SS-LSACNN and TCSLR. J. Cyber Secur. Mobil. 13(1), 135–159 (2024)

17.

S. Amaran, R.M. Mohan, R. Jebakumar, Optimal machine learning based intrusion detection system in wireless sensor networks for surveillance applications. J. Mobil. Multimed. 19(2), 437–450 (2023)

18.

Kalyani S Kumar, Vampire attack: a novel method for detecting vampire attacks in wireless Ad–hoc sensor networks, Int. J. Comput. Appl., 975: 8887, 2017.

19.

V. Juneja, S.K. Dinkar, D.V. Gupta, An anomalous co‐operative trust and PG‐DRL based vampire attack detection and routing. Concurr. Comput. Pract. Exp. (2022). https://doi.org/10.1002/cpe.6557CrossRef

20.

L.M. Alkwai, A.N.M. Aledaily, S. Almansour, S.D. Alotaibi, K. Yadav, V. Lingamuthu, Vampire attack mitigation and network performance improvement using probabilistic fuzzy chain set with authentication routing protocol and hybrid clustering-based optimization in wireless sensor network. Math. Probl. Eng. 2022(4948190), 11 (2022)

21.

S. Anoopa, S.K. Sudha, Detection and control of vampire attacks in ad-hoc wireless networks. J. Eng. Res App. 4(2248–9622), 01–07 (2014)

22.

R. Isaac Sajan, J. Jasper, Trust‐based secure routing and the prevention of vampire attack in wireless ad hoc sensor network. Int. J. Commun. Syst. (2020). https://doi.org/10.1002/dac.4341CrossRef

23.

C.R. Rathish, A. Rajaram, Robust early detection and filtering scheme to locate vampire attack in wireless sensor networks. J. Comput. Theor. Nanosci. 14(6), 2937–2946 (2017)

24.

E.Y. Vasserman, N. Hopper, Vampire attacks: draining life from wireless ad hoc sensor networks. IEEE Trans. Mob. Comput. 12(2), 318–332 (2011)

25.

Mulla, Ms I Raisa, N Rahul. Patil efficient prevention of vampire attack in Ad-hoc wireless sensor network, Int. J. Eng. Res. Gen. Sci., 3(5) (2015)

26.

S. Cao, Q. Qian, Y. Cao, W. Li, W. Huang, J. Liang, A novel meta-heuristic algorithm for numerical and engineering optimization problems: Piranha foraging optimization algorithm (PFOA). IEEE Access 11, 92505–92522 (2023)

27.

M.A. Halim, A. Abdullah, K.A.Z. Ariffin, Recurrent neural network for malware detection. Int. J. Adv. Soft Compu. Appl 11(1), 43–63 (2019)

28.

X. Zhou, Xu. Jianjun, P. Zeng, X. Meng, Air pollutant concentration prediction based on GRU method. J. Phy. Conf. Series 1168, 032058 (2019)

29.

Junyao Huang, Chenhui Lu, Guolou Ping, Lin Sun, and Xiaojun Ye, TCN-ATT: A non-recurrent model for sequence-based malware detection, 178–190, (2020)

30.

K. Das, S. Samanta, U. Naseem, S.K. Khan, K. De, Application of fuzzy logic in the ranking of academic institutions. Fuzzy Info. Eng. 11(3), 295–306 (2019)

31.

A. Venkatesh1 and S. Asha, DERNNet: dual encoding recurrent neural network based secure optimal routing in WSN, Comput. Sys. Sci. Eng., 45(2), (2023)

32.

M.V. Pawar, Detection and prevention of black-hole and wormhole attacks in wireless sensor network using optimized LSTM. Int. J. Pervasive Comput. Commun. 19(1), 124–153 (2023)

33.

S. Cakir, S. Toklu, N. Yalcin, RPL attack detection and prevention in the internet of things networks using a GRU-based deep learning. IEEE Access 8, 183678–183689 (2020)

34.

Lide Wang, Dengrui Wang, Ruifeng Duo, and Haipeng Yan, Detecting temporal attacks: an intrusion detection system for train communication ethernet based on dynamic temporal convolutional network, 3913515, (2021)

35.

A. Salim, W.K. Jummar, F.M. Jasim, M. Yousif, Eurasian oystercatcher optimiser: New meta-heuristic algorithm. J. Intelligent Sys. 31(1), 332–344 (2022)

36.

M. Abdel-Basset, R. Mohamed, K.M. Sallam, R.K. Chakrabortty, Light spectrum optimizer: a novel physics-inspired metaheuristic optimization algorithm. Mathematics 10(19), 3466 (2022)

37.

E.A. Zaimoğlu, N. Yurtay, H. Demirci, Y. Yurtay, A binary chaotic horse herd optimization algorithm for feature selection. Eng. Sci. Technol. Int. J. 44, 101453 (2023)

38.

J. Lansky, S. Ali, M. Mohammadi, M.K. Majeed, S.H.T. Karim, S. Rashidi, Deep learning-based intrusion detection systems: a systematic review. IEEE Access 9, 101574–101599 (2021)

39.

G. Kim, S. Lee, S. Kim, A novel hybrid intrusion detection method integrating anomaly detection with misuse detection. Expert Syst. Appl. 41(4), 1690–1700 (2014)MathSciNet

40.

P.B. Srikaanth, V. Nagarajan, Fuzzy rough set derived probabilistic variable precision-based mitigation technique for vampire attack in MANETs. Wirel. Pers. Commun. 121, 1085–1101 (2021)

41.

G. Ahmed, Gad, particle swarm optimization algorithm and its applications: a systematic review,. Arch. Comput. Methods Eng. 29, 2531–2561 (2022)MathSciNet

42.

J.J. Lotf, M.A. Azgomi, M.R.E. Dishabi, An improved influence maximization method for social networks based on genetic algorithm. Phys. A 586, 126480 (2022)

43.

S. Mirjalili, A. Lewis, The whale optimization algorithm. Adv. Eng. Softw. 95, 51–67 (2016)

44.

A. Karakaya, A hybrid approach for IoT security: combining ensemble learning with fuzzy logic. Sensors 25(18), 5668 (2025)

45.

Y. Alotaibi, M. Ilyas, Ensemble-learning framework for intrusion detection to enhance internet of things’ devices security. Sensors 23(12), 5568 (2023)

46.

A. Hossain, S. Islam, Ensuring network security with a robust intrusion detection system using ensemble-based machine learning. Array 19, 100306 (2023)

47.

S. Ismail, Z. El Mrabet, H. Reza, An ensemble-based machine learning approach for cyber-attacks detection in wireless sensor networks. Appl. Sci. 13(1), 30 (2023)

48.

S. Sivakumar, M.M. Theresa, K. Sudha, K. Sangeethalakshmi, Secure wireless sensor networks: a weighted K-NN and RNN-based approach for attack detection and localization. IETE J. Res. (2025). https://doi.org/10.1080/03772063.2024.2436970CrossRef

49.

K.P. Sharma, R. Hussain, A.A. Jaharadak, A.A. Trawnih, D. Verma, S. Dasi, S. Pant, Hybrid convolutional neural network for robust attack detection in wireless sensor networks. Internet Technol. Lett. 8(6), e650 (2025)

50.

R. Vinayakumar, M. Alazab, K.P. Soman, P. Poornachandran, A. Al-Nemrat, S. Venkatraman, Deep learning approach for intelligent intrusion detection system. IEEE Access 7, 41525–41550 (2019)

Springer Professional

Abstract

Publisher's Note

1 Introduction

1.1 Contributions

1.2 Related Works

1.2.1 Existing Attack Detection Models

1.2.2 Ensemble Techniques used for Attack Detection

1.2.3 Recent Attack Detection Techniques

1.3 Problem Statement

1.4 Work Organization

2 Methods

2.1 Problem formulation

2.2 System model: WSN

2.3 Dataset information

2.4 Developed vampire attack detection technique in WSN

2.5 Optimal feature selection

2.6 Designed E-PFOA

2.6.1 Purpose

2.7 Need for implementing E-PFOA

2.8 Novelty

2.9 Advantages of E-PFOA

2.10 Formulation of EDN-based vampire attack detection

2.10.1 Purpose of EDN

2.10.2 Need for EDN

2.10.3 Working of EDN

2.10.4 Advantages of EDN over individual model

2.11 Fuzzy-based detection score for detecting vampire attack

2.11.1 Working of fuzzy ranking

3 Results

3.1 Experimental setup

3.2 Performance criteria

3.3 Performance analysis of the proposed vampire attack detection model

3.4 Numerical analysis of the developed vampire attack detection technique

3.5 ROC estimation

3.6 Confusion matrix

3.7 Convergence validation

3.8 Statistical evaluation among algorithms

3.9 Statistical and significance testing on the developed model using confidence interval, t test and ANOVA test

3.10 Statistical testing on developed technique using p value test

4 Discussions

5 Conclusion

5.1 Future works

Acknowledgements

Declarations

Ethics approval and consent to participate

Consent for publication

Competing interests

Publisher's Note

Multi-sensor information fusion methods for coal mine exploration in GNSS-denied scenarios

Aerial BS location optimization for monitoring multiple forest areas with uplink UAV throughput requirements

HSG-AGTO: A hybrid heuristic optimization approach for energy-efficient cluster head selection for green communication in IoT networks

SwinJSCC-GAN: enhanced joint source-channel coding for semantic communication with swin transformer and generative adversarial networks

OFDM radar waveform optimization for low grazing angle scenarios using mismatched filter via convex solution

Handover decision techniques for vehicle-to-vehicle communication in 6 G networks: exploring applications, challenges, future trends ahead