WSN is best recognized for monitoring network processing and physical metrics continuously. Self-organizing, infrastructure-less, fault-tolerant networks provide quick, scalable, low-cost, and easy-to-implement deployments in many applications.  Nodes and data security assaults can harm WSNs. As WSN security is a challenge. Nodes in harsh and changing settings make it harder for a wireless sensor network to maintain security. WSN nodes with low resources face several security risks. Most such attacks are black hole, selective forwarding, and DoS. SF is one of the most hazardous WSN assaults. SFA attacks hack legitimate nodes and selectively drop packets. Clustered WSN selective forwarding attackers are the focus of this paper. This study divides nodes by functionality into IN, CH, and MN. The suggested strategy prioritizes malicious node identification over system efficiency. As proposed, WSN efficiency is assessed by maximizing throughput by improving the network's "packet delivery ratio (PDR)" and data transfer. This paper begins with a WSN overview. The paper also covers WSN applications and clustered WSN characteristics. This publication also presents authors' past SF attack recognition works.