Global Wasserstein Margin maximization for boosting generalization in adversarial training

In recent researches on adversarial robustness boosting, the trade-off between standard and robust generalization has been widely concerned, in which margin, the average distance from samples to the decision boundary, has become the bridge between the two ends. In this paper, the problems of the existing methods to improve the adversarial robustness by maximizing the margin are discussed and analyzed. On this basis, a new method to approximate the margin from a global point of view through the Wasserstein Distance of distribution of representation is proposed, which is called Global Wasserstein Margin. By maximizing the Global Wasserstein Margin in the process of adversarial training, the generalization capability of the model can be improved, reflected as the standard and robust accuracy advantages on the latest baseline of adversarial training.