With the emergence of the Internet of Things (IoT), different IoT nodes such as 6LoWPAN devices can be connected as a network to provide integrated services. Since security and intrusion detection are becoming crucial among IoT devices, real-time detection of the attacks are critical to protect the IoT networks. However, there exists limited research for efficient network intrusion detection systems (NIDS) in the IoT networks. This paper therefore proposes a new NIDS protocol with an efficient replica detection algorithm to increase the utility and performance of existing NIDS, where a number of replica test nodes are intentionally inserted into the network to test the reliability and response of witness nodes. The proposed protocol, Enhanced NIDS, can address the vulnerability of NIDS and improve IoT network security to detect severe compromise attacks such as clone attacks. The simulation study shows that compared to the state-of-the-art SVELTE protocol, the proposed protocol can significantly increase the detection probability and reduce the energy consumption for detecting clone attacks in IoT networks.