Java Serialization vs JSON vs XML

References:

[1] http://rick-hightower.blogspot.co.uk/2014/04/which-is-faster-java-object.html

[2] https://www.darkreading.com/informationweek-home/why-the-java-deserialization-bug-is-a-big-deal/d/d-id/1323237?

[3] https://www.ibm.com/developerworks/library/se-lookahead/

1. Never use Java serialization; it has major security flaws. Use JSON or XML to translate objects into strings, not bytes.

For details on the Java serialization vulnerability, see reference [3].

2. Jackson JSON serialization is much faster than built-in Java object serialization.

Boon JSON serialization is much faster than Jackson JSON serialization.
Original article: https://www.cnblogs.com/codingforum/p/8270699.html