Defense Mechanisms against Machine Learning Modeling Attacks on Strong Physical Unclonable Functions for IOT Authentication : A Review

Security component in IoT system are very crucial because the devices within the IoT system are exposed to numerous malicious attacks. Typical security components in IoT system performs authentication, authorization, message and content integrity check. Regarding authentication, it is normally performed using classical authentication scheme using crypto module. However, the utilization of the crypto module in IoT authentication is not feasible because of the distributed nature of the IoT system which complicates the message cipher and decipher process. Thus, the Physical Unclonable Function (PUF) is suggested to replace crypto module for IoT authentication because it only utilizes responses from set of challenges instead of cryptographic keys to authenticate devices. PUF can generate large number of challenge-response pairs (CRPs) which is good for authentication because the unpredictability is high. However, with the emergence of machine learning modeling, the CRPs now can be predicted through machine learning algorithms. Various defense mechanisms were proposed to counter machine learning modeling attacks (ML-MA). Although they were experimentally proven to be able to increase resiliency against ML-MA, they caused the generated responses to be instable and incurred high area overhead. Thus, there is a need to design the best defense mechanism which is not only resistant to ML-MA but also produces reliable responses and reduces area overhead. This paper presents an analysis on defense mechanisms against MLMA on strong PUFs for IoT authentication. Keywords—IoT authentication; machine learning; modeling attack; Physical Unclonable Function; low area defense


I. INTRODUCTION
In todays' industrial and civil applications, there are vast number of devices that are connected in a network known as Internet of Things (IoT) [1].Thus, many issues such as connectivity, power consumption and security have been arisen due to the implementation of IoT.The challenge in implementation of security is important for such devices because they are exposed to attacks.The designated hardware systems must be secured to avoid nullification of secure software implementation.Because of the owned and exchanged data are open for access, any information in the network must be secured to avoid the intervention of compromised data into systems.The infiltration of the malicious data can impair devices and applications especially for the applications that are highly dependent on data veracity, such as described by Barbareschi et al. [2] and Mukhopadhyay et al. [3].
For such applications, authentication becomes one of the most vital security features [3].Traditional authentication technique for distributed system is typically based on cryptographic modules which are not feasible for implementation in IoT domain.The verifier plays a role as key manager who pre-register every device.The device is expected to use the issued cryptography key to authenticate itself [2].This method requires message ciphering, each IoT device must comprises of at least a cryptography module, to accomplish security primitives requested by the verifier [3].The number of devices within IoT system makes the message cipher and deciphers processes difficult to achieve because of the distributed nature of the identity verifier.Thus, to simplify the authentication process of the IoT devices, silicon Physically Unclonable Function (PUF), has been revisited due to its ability to securely authenticate the IoT devices without requiring messages to be ciphered.The PUF generate unique responses from the set of challenges as the replacement of the cryptographic keys thereby, solve the message cipher and decipher issue.The silicon PUFs employ the unclonability and uniqueness which are produced by the manufacturing process of integrated circuits.These two features are utilized to map a set of challenges (the PUF inputs) to a set of responses (the PUF outputs), which is called challenge-response pairs (CRPs) set.
PUFs with large numbers of CRPs are defined as strong PUFs while PUFs with small numbers of CRPs are classified as weak PUFs.Strong PUFs are originated from delay-based PUFs www.ijacsa.thesai.orgsuch as Arbiter PUF, Ring Oscillator (RO) PUF and Glitch (Anderson) PUF while weak PUFs are typically originated form SRAM PUF.The strong PUFs are suitable to be utilized as direct authentication scheme because they produce large set of CRPs thus the unpredictability is high.As for weak PUFs, they are suitable for key generation in cryptographic-based authentication scheme.However, both strong and weak PUFs are exposed to various kinds of attacks such as machine learning modeling attacks (ML-MA), side channel analysis (SCA), fault injection and physical tampering.This paper presents a comparison analysis on various defense mechanisms against ML-MA on variants of strong PUFs.

II. BACKGROUND OF THE PROBLEM
Strong PUFs can be directly designed to independently authenticate individual devices without the aid of any cryptographic module.There are two sequential steps to accomplish authentication scheme for devices using PUF [4] as described below:  Enrollment: A substantial number of randomly chosen challenges is run by the verifier within the device, runs and the corresponding responses is stored in a secure database for future authentication operations [2].
 Verification: An unused challenge is selected by the verifier from the database to obtain a PUF response from the device.The device is verified by the verifier as authentic due to the unclonability property [2] if the response matches the previously recorded one.
To ensure the authentication scheme succeeds, the verifier must collect many CRPs during the enrollment so that it will have sufficient number of CRPs throughout the authentication process.The response provided by the device must be generated within short authentication period as well as be closely matched to the generated response stored by the verifier.Because of this authentication scheme makes use of large CRPs within short authentication period, the interface between verifier and device must be unrestrictedly open to allow the verification to complete faster.This makes the embedded PUFs in devices are subjected to ML-MA because the volume of CRPs can be learnt by the third party to eventually discard the unclonability property and model the strong PUFs [5].
To prevent other parties from building a model out of these PUF, various mechanisms which can be classified into three categories have been proposed.The first category is designbased where the defense mechanism is added in the architectural design of the PUFs such as adding non-linearity using XOR logics [6], [7], modifying transistor-level design [8], exploiting FPGA blocks [9], [10] and analogizing the digital components [11].The second category is the obfuscation-based where the defense mechanism is performed masking of either challenges [12] or responses [2], [13].The final category is the access control where the defense mechanism complicates the interface access to protect it from being openly accessed.
Although there are considerable numbers of defense mechanisms available, the best defense mechanism which provides low prediction accuracy with minimal area overhead and generates unique and reliable PUFs responses is still not achieved.All the defense mechanisms resist or at least improve the resiliency of the PUFs against the ML-MA however they come with some shortcomings.In the case of design-based defense mechanisms, adding non-linearity using XOR [6], [7], analogizing the digital components [11] and exploiting the FPGA blocks [4], [10] increase the hardware overhead.

III. PUFS: VARIANTS AND ATTACKS
People and objects are regarded as ‗things' in Internet of Things.The monitoring and control of these ‗things' is achieved using devices such as sensors and actuators via communication technologies.The services such as device monitoring, device control, and device search are also delivered in IoT system.The users are provided with applications which have user interface (UI) for controlling and monitoring the IoT system.The security component provides authentication, authorization, message and content integrity in an IoT system.However, security is not apparently highlighted as the crucial component in IoT by most of the vendors of IoT system.Barbareschi et al. [2] stated that PUFs is more suitable for IoT authentication as opposed to the cryptographic algorithm because numerous devices in IoT system causes the message cipher and decipher process difficult to achieve.This is because the identity verifier must work in distributed manner, by enrolling every device.Each device is expected to use the issued key to authenticate itself.Furthermore, the generated keys must be secured on the database managed by the verifier and also on non-volatile memories (NVMs), to circumvent loss of data upon power off.
Mukhopadhyay [14] described the weaknesses of using the crypto-based authentication schemes for IoT-based light-switch system.In this system, smart bulbs with proximity tags, Bluetooth low energy (BLE) signal and a Zigbee-based Ethernet/WiFi-enabled bridge were used as the remote lighting control system to help reduce the energy consumption.The use of Zigbee as the wireless medium which is open by design caused the IoT to be susceptible to eavesdropping, jamming and message injection attacks.Due to the mentioned vulnerabilities, the MD5 hash functions were adopted as the authentication method.The MD5 hash functions were computed based on the device's MAC address.However, the usage of MD5 hash functions as the authentication method has two significant weaknesses, namely, the secret white list token was not random (clonability) and the MAC addresses are easily recovered (predictability).
Physical Unclonability Function (PUF) on the other hand, is the physical representation of a function that makes it difficult to clone and produces an unpredictable challenge-response pair (CRP) behavior [14].According to Pappu et al. [15], the PUF is ideally hard to characterize or model, but somehow its CRPs are reliably evaluated [16].Boehm and Hofer [17] described that a PUF utilizes production variability to produce a device-specific output in a form of binary number.A PUF comprises of several components which are defined by local parameter variations.The differences in local parameter variations are known as local mismatches.These local mismatches are merged and directly read out to generate the binary output.Since these local mismatches cannot be controlled externally, a PUF cannot be www.ijacsa.thesai.orgreplicated thereby, it is unclonable.The properties of a PUF are described as follows [3]:  Reliable: The generated response from the set of CRPs correctly represents the identity embedding function.
 Unclonable: It is hard to construct a procedure to reproduce the set of CRPs in a function.
 Uniqueness: It is hard to compute response from the set of CRPs.
Based on these properties, the PUFs possess several properties like MD5 hash functions, in the sense that they are one way.The fact that the PUF response is unpredictable and unclonable makes the PUF response cannot be predicted or computed thereby, it is suitable to replace the MD5 hash functions.However, PUFs come in many variants which must be evaluated to determine which variant is suitable for IoT authentication.

A. Variants of PUFs
PUFs are divided into two variants namely strong PUFs and weak PUFs as shown in Fig. 1.Maes [18] provided a definition on strong and weak PUFs.A PUF is defined as a weak PUFs if it has small challenge set.There is a weak PUFs called a physically obfuscated key (POK) that has only a single challenge.On the other hand, PUFs with a large challenge set are known as strong PUFs and their CRPs are unpredictable whereby it is not possible to build an accurate model of the PUF based on resulted CRPs.

1) Weak PUFs
Weak PUFs are typically used for storing secret keys as alternatives to non-volatile memories (NVMs) such as ROM and Flash.The characteristics of the weak PUFs were listed by Armknect et al. [19] and Ruehmair et al. [20] as follows:  Small and fixed set of challenges where it commonly has only one challenge per PUF instance.
 The access interface to the generated responses is restricted although the adversaries may physically possess the PUF-carrying hardware.
Maes [18] described that weak PUFs are typically designed using intrinsic variations that exist in the integrated circuits.The intrinsic PUFs are cost effective because they are fabricated using standard CMOS logic parts.The first CMOS-based weak PUF was proposed by Lofstrom et al. [21] which utilized the threshold mismatch to identify circuits.Tuyls et al. [22] developed a PUF based on the capacitance sense from specially applied protective coatings.A PUF which is based on a chip-ID circuit was demonstrated by Su et al. [23].The chip-ID circuit was developed based on cross-coupled devices.The ID was evaluated based on the transition of the cross coupled devices from a metastable state to a stable state which is controlled by process variation.Based on the similarity of this design to the feature of SRAM, there were numerous literatures were inspired to perform research and development of SRAM-based weak PUFs.
SRAM PUFs are developed based on the intrinsic threshold variation of the cross-coupled SRAM cells.The cells are differential in nature thereby they are sensitive to variation (uniqueness) and highly immune to common-mode noise (reliable).Because of these features, the cross-coupled SRAM cells are suitable to be design as PUF.Furthermore, the existence of SRAM in nearly all VLSI circuits makes them highly eligible as PUFs.According to Holcomb et al. [24], the CRPs of the SRAM PUFs are generated in the cell during the transition from the off state to an on state.The generated responses are then read out using the standard memory access mechanism [25].There is also another method of producing CRPs which employs the small amount of data retention voltage of cells instead of the power-up state as proposed by Holcomb et al. [26].Apart from SRAM PUFs, there are other types of weak PUFs were proposed which were either still based on memory or non-memory.Examples of PUFs that are based on the memory design characteristics are Flash [27], DRAM [28] and Memristors [29].As for the non-memory PUFs, Kumar et al. [30] proposed the butterfly PUF which utilizes the cross-coupled latches in FPGAs while Simons et al. [31] developed a PUF which is based on bus keepers as an alternative to D Flip-Flop PUF.All the PUFs that were described above only have one designated way to produce the CRPs hence there will be only one challenge per PUF instance.

2) Strong PUFs
As opposed to the weak PUFs, the strong PUFs produce complex CRPs because of different kinds of intrinsic variations in the PUF.The generated responses are acquired from numerous physical components therefore a very huge number of possible challenges must be applied to the PUF.The characteristics of the strong PUFs were detailed by Brzuska et al. [32] and Chen et al. [33] as follows:  Huge and variety set of challenges which avoid the full read-out of all CRPs, although the adversary may physically possess the PUF for ample amount of time.
 Unprotected challenge-response interface where an adversary may arbitrarily apply challenges to the strong PUF and read out the generated responses.
The strong PUFs originate from delay-based PUFs where random variations on the delay of a digital circuit are measured.Arbiter PUF which was first described by Lee et al. [34] is an www.ijacsa.thesai.orgexample of the delay-based PUFs.This type of PUF exploits the variation in the runtime delays of electrical components.The electrical signals in an Arbiter PUF begin their journey through a sequence of k stages where each stage comprises of two multiplexers [35].The exact path for each signal is determined by k external bits which are applied as one bit per stage.The destination of the electrical signals is ended by a final latchbased arbiter element.Arbiter PUFs with k stages have 2 k challenges where each challenge produce one-bit response.The susceptibility of the Arbiter PUF to ML-MA has resulted to the development of more enhanced version of Arbiter PUF.These enhanced versions commonly utilize non-linearity in the original Arbiter PUFs to resist ML-MA [36].The examples of the enhanced version of Arbiter PUFs are Feed-Forward Arbiter PUFs [37], [38], Lightweight PUF [39] and XOR Arbiter PUFs [5].
Another type of Strong PUFs is the ring oscillator PUF (RO PUF) which was introduced by Gassend et al. [40].The ring oscillator in their design is a variant of the switch block-based delay line as proposed for the arbiter PUF.A negative feedback is applied to transform the delay circuit into an oscillator.To enable/disable the oscillation, an additional AND-gate in the loop is utilized [41].To count the number of oscillating cycles during certain time interval, a frequency counter is connected to the oscillating signal.The counter value indicates the oscillating frequency.A simple edge detector processes the oscillating signal to ensure the counter is enabled every time a rising edge is detected [42].The frequency of the ring oscillator is limited to half the clock because of the use of edge detector.The resulted frequency of equally implemented ring oscillators on distinct devices is considered as a PUF response [43].
There is also another kind of strong PUFs which is developed based on glitch behavior of combinatorial logic circuits.Since internal state does not exist in a pure combinatorial circuit, the input signals have total influence on the steady-state output.However, if the logical value of the input changes, transitional effect such as delays occurred whereby some time is required for the output has its steady-state value.The delays are known as glitches which is determined by the differences in time of arrival for the different logical paths from the inputs to an output signal [18].The number, shape and occurrence of the glitches on its output signals will be instancespecific and partially random because these glitches are highly influenced by random process variations.Thus, by accurately measured these glitches, their behavior can be utilized as a PUF response.
Anderson [44] developed a glitch-based PUF construction specifically for FPGA platforms which is known as Anderson PUF.Based on the delay variations in the circuit, a custom logical circuit is implemented.The output of this logical circuit is connected to the preset signal of a flip-flop to captures the glitch in case if it occurs.The output of the circuit is treated as the single PUF response bit.By placing many of these logical circuits on an FPGA, many PUF response bits can be produced.

B. Attacks on PUFs
PUFs are exposed to various types of attacks ranging from invasive to non-invasive as depicted by Fig. 2. According to Wachsmann and Sadeghi [45], the invasive attacks require physical modification of the PUF in order to gain deeper knowledge on the PUFs implementation.This type of attack typically affects the weak PUFs because it only has one challenge thereby performing physical modification is possible.As opposed to the invasive attacks, the non-invasive attacks invisibly collect information without being physically harmful to the PUFs.This type of attack usually occurs to strong PUFs because it has huge numbers of challenges thereby data must be gathered and processed.The next section will describe the types of invasive and non-invasive attacks which are encountered by weak and strong PUFs, respectively.

1) Attacks on Weak PUFs
Weak PUFs are subjected to fault injection and invasive attacks.According to Wachsmann and Sadeghi [45], the objective of the fault injection attacks is to induce erroneous behavior in a PUF through internal manipulation and if the manipulation is combined with cryptanalysis, the fault injection attacks can lead to key recovery attacks.There are many ways for the faults to be injected in a PUF such as by injecting transient faults into specific components of the PUF [46], [47] to attain the PUF response or by operating the PUF under extreme environmental conditions which produces decay effects on memory-based PUFs [48], [49].Another fault-injection attack which is based on the decay effects in volatile memory is presented by Oren et al. [50].This attack manipulates the internal structure of SRAM PUFs which makes them susceptible to cloning.
On the other hand, invasive attacks analyze the PUF hardware to gain the information on the cryptographic secrets stored in a PUF.The reverse engineering and circumvention of active protection mechanisms are the most common forms of invasive attacks.Tarnovsky [51] demonstrated the vulnerability of the algorithms and circuits that are utilized to process the PUF responses to invasive attacks through micro-probing the logic blocks, registers and the bus transfer of PUF devices.As for SRAM PUFs, they are susceptible to extreme operating conditions [52] and physical tampering [53].As a result, the SRAM PUF hardware can be physically inspected and modified [54].Furthermore, it was established by Helfmeier et al. [53] that upon gaining the response of an SRAM PUF, C 1 , a focus ion www.ijacsa.thesai.orgbeam (FIB) can be utilized to alter the circuits of SRAM PUF, C 2 so that C 2 will have a very similar challenge/response behavior as C 1 .

2) Attacks on Strong PUFs
Fault injection and invasive attacks on Weak PUFs are less applicable to Strong PUFs.The most relevant attack method for Strong PUFs is known as machine learning-based modeling attack (ML-MA) which was introduced by Ruehmair et al. [5].There are three common machine learning algorithms namely logistic regression (LR), Support Vector Machine (SVM) and evolutionary algorithms (EA) such as genetic algorithm (GA) and evolution strategies (ES) that are used to perform modeling attacks.Abu-Mostafa et al. [55] defined LR as a supervised machine learning framework which differs from linear regression in as sense that it outputs a probability between 0 and 1 instead of produces ±1 output.As for SVM, it is a tool that utilizes the optimal margin between vectors to determine the best hyperplane and this method requires computing the distances of input vectors from the hyperplane [55].According to Saha et al. [56], GA is designed to handle integer and binary string solutions by mimicking biological evolution like ES using similar concepts such as reproduction, mutation, recombination/crossover and selection.As for ES, they are utilized to generate population heuristically by adapting the generated population to certain environmental conditions [57].The data set is randomized to avoid them from linearly separable but the resulted model must be parameterized to ensure the data set is reliable.
As for other machine learning algorithm such as Bagging and Boosting (B & B), it was first used by Vijayakumar et al. [7] to perform modeling attacks on strong PUFs.B & B are considered as ensemble meta-algorithm approaches as described by Schapire [58].Ensemble learning is a technique of merging the predictions from several classifiers to generate a robust classifier.An emerging machine learning algorithm namely deep learning (DL) was also used to perform modeling attack on strong PUFs as proposed by Yashiro et al. [8].They described that DL has superior performance compared to conventional machine-learning methods on a benchmark test in the field of image recognition.DL is defined by Yashiro et al. [8] as a multilayer neural network where it has more than two layers.The output of a layer acts as input for the following layer.This mechanism allows the partition function to be developed which is used to classify input data in accurate and efficient manner.
According to Rührmair et al. [5], an adversary first collected vast numbers of CRPs from the strong PUF to perform ML-MA.Next, the adversary infer the behavior of the PUF on the unknown CRPs by combining the numerical method with the internal parametric model of the PUF.The impact of ML-MA is surprisingly massive since all strong PUFs including enhanced version of Arbiter PUFs are still vulnerable to this attack.Modeling attacks are inapplicable to weak PUFs, since they only have one challenge per PUF instance.Another attack that is associated to strong PUF is known as side channel analysis (SCA) [59].The adversary performs SCA by observing the nonfunctional metrics of PUF such as the timing information and power consumption to extract information for developing ML-MA.The potential SCA on the design block for processing PUF response such as in fuzzy extractor as discussed by Merli et al. [60].In general, all known SCA on PUF-based systems have some difficulty to attack the main PUF component thereby, they prefer to target the design block that is utilized to process the PUF responses, such as fuzzy extractors.Since SCA alone is difficult to be performed on PUF components, Mahmoud et al. [61] proposed to combine ML-MA with SCA to improve attack performance.

IV. IOT AUTHENTICATION-STRONG OR WEAK PUFS
The basic PUF-based authentication scheme as described by Gassend et al. [40], Devadas et al. [37] and Barbareschi et al. [2] comprises of two phases namely enrollment and verification:  Enrollment: Prior to the deployment, every entity must be enrolled by the verifier.The identity (ID) of every entity is recorded by verifier during the enrollment phase.The verifier also accumulates a substantial subset of CRPs from the device's PUF.The collected challenge-response pairs are stored in the verifier's database (DB) indexed by the entity's ID.
 Verification: The verification phase requires the PUF challenge to be sent to the device where the device analyzes its PUF.The replied response is validated by the verifier to check whether it matches to the response it has in its database.If they match, the device is authenticated, otherwise the authentication is rejected.The used CRP is then omitted from DB.
The success of the above authentication scheme relies on the fact that the verifier must collect many CRPs during the enrolment stage so that the CRPs will not run out as emphasized by Halak et al. [4].According to Maes [18], the PUF responses must reproduced within smaller intra distance to ensure that the replied response matches the stored response in the DB without possibility being predicted.Since the successful authentication relies on the large challenges and unpredictability of the responses, it is implied that the suitable type of PUFs for IoT authentication is strong PUFs.However, the strong PUFs are exposed to the non-invasive attacks as described in Section B. The basic authentication scheme is only secured for a fully unclonable PUFs including the PUFs that are unable to be cloned through machine learning modeling.Strong PUFs which are exposed to ML-MA do not provide secure authentication because the basic protocol cannot differentiate between the real entity with the physical PUF and an adversary with a modeling clone of that PUF.Thus, to be able to provide secure authentication scheme, proper defense mechanisms for strong PUF against modeling attacks and sidechannel analysis must be evaluated.

V. COMPARISON ANALYSIS OF DEFENSE MECHANISMS AGAINST ATTACKS ON PUFS FOR IOT AUTHENTICATION
There are several techniques available as defense mechanism for strong PUFs against non-invasive attacks such as modeling attacks and side-channel analysis.The comparison between the defense mechanisms for strong PUFs against the non-invasive attacks is conducted in Table 1.www.ijacsa.thesai.org  1, the defense mechanisms that were proposed can be divided into three categories namely design, obfuscation and access control.The design category consists of adding non-linearity using XOR logics [6], [7], configuring transistor's gate sizes [62], augmenting interconnects [63], tightening the layout condition [8], exploiting FPGA resources and reconfigurability [9], [10] and modify current PUF design blocks by using analog blocks [11] and reducing feed-forward stages [64].These defense mechanisms provide resistance to machine learning modeling attacks however they come with certain shortcomings.Adding nonlinearity using XOR logics, modifying the PUF design blocks using the analog blocks and exploiting FPGA resources and reconfigurability incur high area overhead.Configuring transistor's gate sizes and augmenting interconnect make the PUF to be susceptible to the transistor aging.Tightening the layout condition and reducing the feed-forward stages generate instable PUF responses.
As for the obfuscation category, the obfuscation is performed either on PUF challenges or responses.The simplest obfuscation technique for PUF challenges was proposed by Rührmair et al. [6] where the challenges' bitlength is increased.Goa et al.
(2013) partially obfuscated the PUF challenges and Zalivaka et al. [65] segregated between strong and weak challenges, eliminated the weak challenges and obfuscated the strong challenges using FPGA resources to successfully resist the ML-MA.As a countermeasure against SCA, Merli et al. [66] masked the challenges with code word.This technique was able to prevent first order DPA.However, all the obfuscations on the PUF challenges generated instable response.Ye et al. [67] solved this issue by instead of directly obfuscating the challenges, the obfuscation was performed the logics for path segments selection for PUF challenges.However, this solution came with the cost of high area overhead.The obfuscation on the PUF responses is typically performed using the crypto module such as AES [2], [15] and elliptic curve [68].These techniques increase the unpredictability of the PUFs, however, still they incurred high area overhead.There is also another technique of obfuscating the PUF responses which utilizes noise bifurcation [69].The downside of this technique is that the software model must be developed and stored on the server's side.
The third category is the access control in which Djik and Rührmair [70] adding the complexity to the access control by performing pre-and post-processing of the CRPs.However, this technique makes the PUFs susceptible to noises.Mukhopadhyay [14] temporarily fused the access point to CRPs to increase the complexity to build ML model but the PUFs are still not directly secured against ML-MA.Another defense mechanism related to access control is developed by Yu et al. [71].The authentication using PUFs was performed by employing lockdown which requires server's permission to obtain new CRPs.This technique makes the PUF's CRPs exponentially difficult to learn but it comes with the cost of high area overhead.

VI. CONCLUSION
There are several defense mechanisms against non-invasive attack particularly ML-MA on variants of strong PUFs for IoT authentication.All these defense mechanisms were claimed to provide resistance or at least improve resiliency of the strong PUFs against ML-MA.Each defense mechanism has their own strengths and weaknesses.The most apparent weakness that they exhibited is either the area overhead is high or the generated PUF responses are instable.The issues regarding PUF responses and area overhead that were incurred by these defense mechanisms must be solved to ensure that the selected variant of strong PUFs for IoT authentication is at their best performance.Thus, there is a gap in determining the most suitable variant of strong PUF that provide best defense mechanism that solve the issue of unreliable responses and high area overhead.To resolve these issues, a suitable variant of strong PUF with reliable responses and low area overhead must be developed for a quality IoT authentication.

TABLE I .
SUMMARY OF COMPARISON ANALYSIS OF DEFENCE MECHANISMS