We propose the first unified adversarial attack benchmark for Genomic Foundation Models (GFMs), named GenoArmory. Unlike existing GFM benchmarks, GenoArmory offers the first comprehensive evaluation framework to systematically assess the vulnerability of GFMs to adversarial attacks. Methodologically, we evaluate the adversarial robustness of five state-of-the-art GFMs using four widely adopted attack algorithms and three defense strategies. Importantly, our benchmark provides an accessible and comprehensive framework to analyze GFM vulnerabilities with respect to model architecture, quantization schemes, and training datasets. Additionally, we introduce GenoAdv, a new adversarial sample dataset designed to improve GFM safety. Empirically, classification models exhibit greater robustness to adversarial perturbations compared to generative models, highlighting the impact of task type on model vulnerability. Moreover, adversarial attacks frequently target biologically significant genomic regions, suggesting that these models effectively capture meaningful sequence features.

翻译：我们提出了首个针对基因组基础模型（GFMs）的统一对抗攻击基准，命名为GenoArmory。与现有的GFM基准不同，GenoArmory提供了首个全面的评估框架，用于系统性地评估GFMs对对抗攻击的脆弱性。在方法论上，我们使用四种广泛采用的攻击算法和三种防御策略，评估了五种最先进GFMs的对抗鲁棒性。重要的是，我们的基准提供了一个易于使用且全面的框架，用于从模型架构、量化方案和训练数据集等维度分析GFM的脆弱性。此外，我们引入了GenoAdv，这是一个旨在提升GFM安全性的新型对抗样本数据集。实证结果表明，与生成模型相比，分类模型对对抗扰动表现出更强的鲁棒性，这突显了任务类型对模型脆弱性的影响。此外，对抗攻击经常针对具有生物学意义的基因组区域，这表明这些模型有效地捕获了有意义的序列特征。