Abstract: As a hardware oriented security primitive, physical unclonable function (PUF) has a wide application prospect in resource limited Internet of things devices, but its security is also threatened by machine learning attacks. Therefore, by the research on anti-attack circuit structures and machine learning attacks, a novel hybrid anti circuit structure, PUF circuit, is proposed to resist circuit structure attacks. Firstly, two parallel and symmetrically arranged arbiter PUFs (arbiter PUF, APUF) are constructed, and the two APUF outputs are conducted by XOR to obtain a 1-bit PUF response output. Then, a feed forward loop is introduced for the two APUFs to dynamically adjust the input excitation sets, ensuring structural nonlinearity and defending against modeling attacks. Finally, the outputs of two parallel APUF switching units are correspondingly crossed to invert the input excitation of the subsequent switching units, expand the range of signal delay path selection, and improve the random characteristics of output response. The PUF is implemented by using FPGA, and the test results show that even if the number of excitation response pairs used for machine learning training reaches 10⁵, the prediction rate is still close to 50% of the ideal value when using traditional ML for model attack, and the performance indicators of the PUF circuit such as randomness, uniqueness and stability are all good, which has practical application value.