About This Architecture

Duolingo English Test leverages AWS WAF, CloudFront, and ECS to deliver a secure, globally distributed assessment platform with real-time proctoring and fraud detection. Test takers connect through AWS WAF and CloudFront edge locations to the Test Delivery Engine running on ECS, which orchestrates question delivery, audio synthesis via Amazon Polly, and session state management in DynamoDB. SageMaker performs real-time scoring and anomaly detection on test responses, flagging suspicious behavior, while secure recordings and score reports are encrypted and stored in S3 under IAM and AWS Organizations governance. This architecture demonstrates defense-in-depth for high-stakes testing: edge security prevents attacks, application-layer anomaly detection catches cheating, and governance controls ensure compliance and data isolation across accounts. Fork this diagram to customize security policies, add additional ML models, or adapt the pattern for other proctored assessment use cases. The design balances low-latency delivery with forensic-grade security, critical for standardized testing platforms handling sensitive learner data.

People also ask

How do you build a secure proctored assessment platform on AWS that detects cheating and protects test taker data?

This diagram shows a multi-layer AWS architecture: AWS WAF and CloudFront provide edge security and DDoS protection, ECS runs the test delivery engine, SageMaker detects anomalies in real-time, DynamoDB stores session state, and S3 securely archives recordings and scores under IAM and AWS Organizations governance controls.