Existing core-set selection methods prioritize improving clean accuracy while neglecting the preservation of adversarial robustness. Method: We empirically discover that easy samples—characterized by low average input gradient norm (AIGN)—exhibit higher intrinsic robustness and lie farther from the decision boundary, thereby establishing the first quantitative relationship between sample difficulty and adversarial vulnerability. Based on this insight, we propose EasyCore, a model-agnostic core-set selection algorithm that constructs a robust core set by selecting low-difficulty samples using AIGN as the selection criterion; the resulting core set is then employed in either standard or adversarial training. Contribution/Results: Extensive experiments across multiple datasets and model architectures demonstrate that EasyCore improves adversarial accuracy by up to 7% under standard training and up to 5% under adversarial training—outperforming state-of-the-art core-set methods. These results validate the effectiveness and generality of enhancing robustness from a data-centric perspective.

Designing adversarially robust models from a data-centric perspective requires understanding which input samples are most crucial for learning resilient features. While coreset selection provides a mechanism for efficient training on data subsets, current algorithms are designed for clean accuracy and fall short in preserving robustness. To address this, we propose a framework linking a sample's adversarial vulnerability to its extit{hardness}, which we quantify using the average input gradient norm (AIGN) over training. We demonstrate that extit{easy} samples (with low AIGN) are less vulnerable and occupy regions further from the decision boundary. Leveraging this insight, we present EasyCore, a coreset selection algorithm that retains only the samples with low AIGN for training. We empirically show that models trained on EasyCore-selected data achieve significantly higher adversarial accuracy than those trained with competing coreset methods under both standard and adversarial training. As AIGN is a model-agnostic dataset property, EasyCore is an efficient and widely applicable data-centric method for improving adversarial robustness. We show that EasyCore achieves up to 7% and 5% improvement in adversarial accuracy under standard training and TRADES adversarial training, respectively, compared to existing coreset methods.