How can I protect a serialized object if I send a serialized object over the network? I doubt that hackers can interrupt / crack my data.
can anyone talk in detail about how to implement this?
These two presentations provide ideas on how effectively attackers can interfere with the Java serialized stream:
https://www.owasp.org/images/e/eb/OWASP_IL_2008_Shai_Chen_PT_to_Java_Client_Server_Apps.ppt
http://www.andlabs.org/presentations/Attacking_JAVA_Serialized_Communication-slides.pdf
There is also the risk of introducing unexpected behavior and injecting code if a vulnerable class exists in the path to the server class. See this article:
Expected Java Deserialization
java.crypto.SealedObject is what you are looking for.
java.crypto.SealedObject
You can encrypt or use it, but the java serial format is the choice to send over the network. The best solution would be JSON / XML (encrypted or signed with some cryptographic algorithm).
Look at encryption, as mentioned earlier, but more specifically look at the SSL / TLS library hte for network communication in java.
http://juliusdavies.ca/commons-ssl/ssl.html
No need to try to implement secure encryption when there is a very powerful library built into Java.
In my opinion, you can use either SSLSocket or SealedObject . However, this will make things a little heavy for you. However, one of the options is described in this article. http://www.ibm.com/developerworks/library/j-5things1/
SSLSocket
SealedObject
You can use a signed object and a private object to protect the serialization object.