Skip to content

LEET'09: Large Scale Exploits and Emergent Threats

The 2nd USENIX LEET workshop is going to take place on April 21st in Boston next week. The workshop program looks really interesting. There are a number of really interesting talks; here are just a few:

  • Spamcraft: An Inside Look At Spam Campaign Orchestration
  • A Foray into Conficker's Logic and Rendezvous Points
  • A View on Current Malware Behaviors

Last year's workshop was a blast and I expect that next week is going to be lots of fun, too. It is still possible to register on-site for the workshop.
Categories: Malware, News, Security
Defined tags for this entry: ,

Small Libevent 2.0 Performance Test

In preparation for CodeCon, Nick and I wanted to see how HTTP performance differs between Libevent 1.4 and Libevent 2.0. HTTP is a good test case as it exercises many of the optimized components. Here is a preliminary result.

The libevent HTTP server is serving 200,000 bytes of content for each request. Apache's benchmark tool ab was used to make 15,000 requests with 40 requests happening in parallel.

  • 1.4.10:
    Requests per second: 1450.79 [#/sec] (mean)
  • 2.0:
    Requests per second: 1961.99 [#/sec] (mean)
  • 2.0 (evbuffer_add_reference):
    Requests per second: 3979.31 [#/sec] (mean)
In Libevent 2.0, the evbuffer interface was rewritten to avoid memory copies where possible. This seems to result in a 35% performance improvement. The evbuffer_add_reference() API allows external memory to be associated with an evbuffer and thus avoids another memory copy. This results in about 100% performance increase. In comparison to Libevent 1.4, this is almost 175% faster.

In the meantime, Nick is working on making IOCP available for Windows.
Categories: Hacking, Libevent, News, SpyBye
Defined tags for this entry: ,