I. Introduction
Java is one of the most widely used programming languages today, owing to its convenience and cross-platform capabilities. According to Statista's 2022 report [1], 33.27% of developers use Java for their programming needs. However, the features that make Java so popular also make it vulnerable to security risks, particularly Java deserialization vulnerabilities (JDVs). In recent years, a number of high-risk and severe-impact JDVs have been identified, such as the Apache Log4j 2 remote code execution vulnerability (CVE-2021-44228) [2]. This vulnerability allows attackers to construct a malicious JNDI injection [3] to execute malicious commands on a remote server by returning a serialized payload. The Cyberint research team found that millions of servers were affected by this vulnerability [4].