serialization

Serialization is the process of converting an object into a stream of bytes so that the object can be stored or transmitted to memory, a database, or a file. Its main purpose is to save the state of an object so that it can be recreated later when needed. The reverse process is called deserialization.

The best way to avoid deserialization exploits is never to deserialize anything. There is no reason to use Java serialization in any new system you write.
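Where a legacy component cannot drop Java serialization yet, the minimum defence is a strict allow-list deserialization filter so that only the one expected type is ever instantiated. The following is an added example, not code from the page, using the standard `java.io.ObjectInputFilter` API (Java 9+); the `Greeting` class and the pattern string are assumptions for the illustration.

```java
import java.io.*;

// Added example: a strict allow-list filter for ObjectInputStream.
// Only the one expected class is accepted; every other class is rejected
// before it is resolved, so unexpected object graphs never get instantiated.
public class FilteredDeserialization {

    // The only type this stream is expected to carry (hypothetical).
    public static final class Greeting implements Serializable {
        private static final long serialVersionUID = 1L;
        final String text;
        Greeting(String text) { this.text = text; }
    }

    // Pattern syntax: names separated by ';', '!' rejects, '*' wildcards,
    // and maxdepth caps how deeply nested an accepted object graph may be.
    static final ObjectInputFilter ALLOW_LIST = ObjectInputFilter.Config.createFilter(
            "FilteredDeserialization$Greeting;!*;maxdepth=3");

    static byte[] serialize(Object o) throws IOException {
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        try (ObjectOutputStream oos = new ObjectOutputStream(bos)) {
            oos.writeObject(o);
        }
        return bos.toByteArray();
    }

    static Object deserialize(byte[] bytes) throws IOException, ClassNotFoundException {
        try (ObjectInputStream ois = new ObjectInputStream(new ByteArrayInputStream(bytes))) {
            ois.setObjectInputFilter(ALLOW_LIST); // must be set before readObject()
            return ois.readObject();
        }
    }

    public static void main(String[] args) throws Exception {
        // Expected type: accepted.
        Greeting ok = (Greeting) deserialize(serialize(new Greeting("hello")));
        System.out.println("accepted: " + ok.text);

        // Any other type (a HashMap here, constructed as sample input) is
        // refused with InvalidClassException ("filter status: REJECTED").
        try {
            deserialize(serialize(new java.util.HashMap<String, String>()));
        } catch (InvalidClassException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

A filter narrows the attack surface but does not remove it; the page's recommendation to avoid Java serialization in new systems still stands.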