The majority of wireless sensor network (WSN) security protocols state that a direct connection from an attacker can give them total control of a sensor node. A high level of security is necessary for the acceptance and adoption of sensor networks in a variety of applications. In order to clarify this issue, the current study focuses on identifying abnormalities in nodes and cluster heads as well as developing a method to identify new cluster heads and find anomalies in cluster heads and nodes. We simulated our suggested method using MATLAB tools and the Database of the Intel Research Laboratory. The purpose of the performed simulation is to identify the faulty sensor. Using the IBRL database, sensors that fail over time and their failure model is the form that shows the beats in the form of pulses, we find out that the sensor is broken and is of no value. Of course, this does not mean that the sensor is invasive or intrusive. We have tried by clustering through Euclidean distance that identify disturbing sensors. But in this part of the simulation, we didn't have any data that shows disturbing sensors, it only shows broken sensors. We have placed the sensors randomly in a 50 x 50 space and we want to identify the abnormal node.