DOJO: Applied Cybersecurity Education In The Browser

This paper introduces DOJO, a state-of-the-art, open-source learning platform for hands-on cybersecurity education that aims to minimize barriers for both students and instructors. DOJO draws insight and inspiration from the Capture The Flag (CTF) community, which has pioneered the use of hands-on challenges to teach cybersecurity concepts. DOJO improves upon the accessibility and usability of existing platforms by making available a pre-configured, full-featured learning environment immediately accessible from any device in the browser. Students are able to write code, interact with a shell, explore complex network configurations, debug processes and kernel modules, and more, all from the browser. Instructors can easily deploy DOJO to their own servers with a single docker run command, or use our already-deployed instance to host their own challenges or already existing challenges with a single git push command. DOJO has been successfully used in multiple university courses and workshops, and is available for free to the world, with more than 10,000 students from around the world having already benefited from using DOJO. In this paper, we discuss the infrastructure, design, implementation, and effectiveness of DOJO, and compare it to related work.