This document proposes a lightweight intrusion detection algorithm to detect Sybil attacks in mobile RPL networks for IoT. It discusses RPL and Sybil attacks, proposes an artificial bee colony inspired model for Sybil attacks, and introduces a detection algorithm using nonce IDs, control message counters, and trust factors. The algorithm is evaluated based on accuracy, sensitivity, specificity and other metrics, showing an average 95% accuracy against type-3 Sybil attacks with reduced overhead and energy consumption compared to unsecured mobile RPL.