Internet of Things (IoT) has caused significant digital disruption to the future of the digital world. With the emergence of the 5G technology, IoT would shift rapidly from aspirational vision to real-world applications. However, one of the most pressing issues in IoT is security. Routing protocols of the IoT, such as the Routing Protocol for Low-power and lossy network protocol (RPL), are vulnerable to both insider and outsider attacks with the insider ones being more challenging because they are more difficult to detect and mitigate. Among the most concerning insider attacks to RPL in IoT applications is the Version Number Attacks (VNAs) that target the global repair mechanisms by consuming resources of IoT devices, such as power, memory, and processing power, to eventually cause the IoT ecosystem to collapse. In this paper, a lightweight VNA detection model named ML-LGBM is proposed. The work on the ML-LGBM model includes the development of a large VNA dataset, a feature extraction method, an LGBM algorithm and maximum parameter optimization. Results of extensive experiments demonstrate the advantages of the proposed ML-LGBM model based on several metrics, such as accuracy, precision, F-score, true negative rate and false-positive rate of 99.6 percent, 99 percent, 99.6 percent, 99.3 percent and 0.0093, respectively. Moreover, the proposed ML-LGBM model has slower execution time and less memory resource requirement of 140.217 seconds and 347,530 bytes, making it suitable for resource-constrained IoT devices.