In large-scale sensor networks, sensor nodes are at high risk of being captured and compromised. Once a sensor node is compromised, all the secret keys, data, and code stored on it are exposed to the attacker. The attacker can insert arbitrary malicious code in the compromised node. Moreover, he can easily replicate such code in a large number of clones and deploy them on the network. This node replication attack can form the basis of a variety of attacks such as DoS attacks and Sybil attacks. In the related studies, as a means of detecting compromised nodes, each node reports its neighbor's ID and location to a witness node with some probability p. The value of p is determined beforehand or from only the number of neighbor nodes. In this paper, we change p according to the locations of nodes. We aim to increase the detection rate of replicated node attacks and decrease the amount of messages. Our analysis and simulations demonstrate that using our protocol in combination with the methods of other studies is more effective than using the methods of the related studies by themselves.