Digital forensics

Demystifying Java Internals (An introduction)

Ajay Yadav
October 22, 2013 by
Ajay Yadav

Volume 1

Java is a technology that makes it easy to develop distributed applications, which are programs that can be executed by multiple computers across a network, whether it is local or a wide area network. Java has expanded the Internet role from an arena for communications to a network on which full-fledged applications can be executed. Ultimately, this open source technology gives the impression of network programming across diverse platform.

Learn Digital Forensics

Learn Digital Forensics

Build your skills with hands-on forensics training for computers, mobile devices, networks and more.

This article illustrates these underlying contents in detail:

  • Genesis of Java
  • Java and the World Wide Web
  • Beauty of Java: The "Bytecode"
  • Java Framework Configuration
  • Java Features
  • Summary
  • Before Java, the Internet was used primarily for sharing information, though developers soon realized that the World Wide Web could meet some business needs. The WWW is a technology that treats Internet resources as linked and it has revolutionized the way people access information. The web has enabled Internet users to access Internet services without learning sophisticated cryptic commands. Through the web, corporations can easily provide product information and even sell merchandise. Java technology takes this a step further by making it possible to offer fully interactive applications via the web.

    In particular, Java programs can be embedded into web documents, turning static pages into applications that run on the user's computer. Java has the potential to change the function of the Internet, much as the web has changed the way people access the Internet. In other words, not only will the network provide information, it will also serve as an operating system.

    Genesis of Java

    In 1990, Java was conceived by James Gosling, Patrick Naughton, and Ed Frank at Sun Microsystems. This language was initially known as Oak. Oak preserved the familiar syntax of C++ but omitted the potentially dangerous features, such as pointer arithmetic, operator overloading, and explicit resource references. Oak incorporated memory management directly into the language, freeing the programmer to concentrate on the task to be performed by the program. As Oak matured, the WWW was growing dramatically, and the component team at Sun realized that Oak was perfectly suited to Internet programming. Thus, in 1994, they completed work on a product known as WebRunner, an early browser written in Oak. WebRunner was later renamed HotJava, and it demonstrate the power of Oak as Internet development tool. Finally, in 1995, Oak was renamed Java and introduced at Sun. Since then, Java's rise in popularity has been dramatic.

    Java is related to C++, which is a direct descendent of C. Much of the character of Java is inherited from those two languages. From C, Java derives its semantics. Java is truly an object-oriented, case-sensitive programming language. Many of Java OOPs features were influenced by C++. The original Impetus for Java was not the Internet. Instead, the primary motivation was the need for a platform-independent language that could be used to create software to be embedded in various consumer electronic devices. The trouble with C and C++ is that they are designed to be compiled for a specific target, so an easier and more cost-efficient solution was Java technology, a truly open source technology.

    Java and the World Wide Web

    Today, the web acts as a convenient transport mechanism for Java programs, and the Web's ubiquity has popularized Java as an Internet development tool. Java expands the universe of objects that can move about freely in cyberspace. In a network, two very broad categories of objects are transmitted between a server and your personal computer: passive information and dynamic active programs. For example, when you read your e-mails, you are viewing passive data. However, a second type of object can be transmitted to your computer: a dynamic, self-executing program. For example, a program might be provided by the server to display properly the data that the server is sending. A dynamic network program presents serious problems in the areas of security and portability. As you will see, Java addresses those concerns effectively by introducing a new form of program: the applet.

    Java primarily stipulates two types of programs: applets and application. An applet is an application designed to be transmitted over the Internet and executed by a Java-compatible web browser. An applet is a tiny Java program that can be dynamically downloaded across the network. It is a kind of program that can react to user input and be changed dynamically. On the other hand, an application runs on your computer under the operating system of that computer, such as an application created in the C or C++ language.

    Java technology provides portable code execution across diverse platforms. Many types of computers and operating systems are in use throughout the world, and many are connected to the Internet. For programs to be dynamically downloaded to all the various type of platforms connected to the Internet, some means of generating portable executing code is needed.

    Beauty of Java: The "Byte-code"

    The Java compiler does not produce executable code in order to resolve security and portability issues. Rather, it is Bytecode, which is a highly optimized set of instructions designed to be executed by the Java run-time system, known as the Java Virtual Machine (JVM). The JVM is essentially an interpreter for Bytecode. Translating a Java program into Bytecode helps makes it much easier to run a program on a wide variety of platforms such as Linux, Windows and Mac. The only requirement is that the JVM needs to be implemented for each platform. Once the run-time package exists for a given system, any Java program, can execute on it. Although the details of the JVM will differ from platform to platform, all interpret the same Java Bytecode. Thus, the interpretation of Bytecode is a feasible solution to create a truly portable program.


    In fact, most modern technology such as C++ and C# is designed to be compiled, not interpreted, mostly because of concern about performance. When a program is interpreted, it generally runs substantially slower than it would run if compiled to executable code. The use of Bytecode enables the Java run-time system to execute programs much faster than you might expect.

    To execute Java Bytecode, the JVM uses a class loader to fetch the Bytecodes from a network or disk. Each class file is fed to a Bytecode verifier that ensures the class is formatted correctly and will not corrupt memory when it is executed. The JIT compiler converts the Bytecodes to native code instructions on the user's machine immediately before execution. The JIT compiler runs on the user machine and is transparent to the users; the resulting native code instructions do not need to be ported because they are already at their destination. The following figure illustrates how the JIT compiler works.


    Prerequisite

    In order to write and execute a program written in Java language, we are supposed to configure our workstation with the following software:

    • Java Development Kit (JDK)
    • Java Virtual Machine (JVM)
    • Eclipse Juno IDE
    • Tomcat Web Server (Required for Servlet and JSP)
    • Notepad++ (optional)

    Java Framework Configurations

    A Java program can be built and compiled either by third-party tools, such as Eclipse Juno or Java Development Environment tools, which require some configuration on the user machine in order to run programs, while a third-party tool doesn't. As per the open source nature of Java, such development tools are freely available from the http://java.sun.com website. The following segments specify the configuration of each particular tool in detail.

    Java Development Kit

    The JDK. originally called the Java Development Environment, can create and display graphical applications. The JDK consists of a library of standard classes (core Java API) and collections of utilities for building, testing, and documenting Java program. You need the core Java API to access the core functionality of the Java language. The core Java API includes underlying language constructs, as well as graphics, network, garbage collection, and file input/output capabilities. Here, the JDK utilities are outlined:

    JDK Utilities Description

    Javac The Java compiler converts the source code into Bytecode.

    Java The Java interpreter executes the Java application Bytecodes.

    Javah It generates a C header file that can be used to make a C routine that calls Java method.

    Javap Used to dissemble Java source code. Displays accessible data and functions.

    Appletviewer This is used to execute Java applets classes.

    Jdb This Java debugger allows stepping through the program.

    Javadoc Creates HTML documentation based on source code.

    Keytool This is used for security key generation and management.

    Rmic Create classes that support remote method invocation.

    Rmicregistry Used to gain access to RMI objects.

    Rmid This is used to RMI object registration.

    Serialver This serialization utility permits versioning of persisted objects.

    Jar Allows multiple Java classes and resources to be distributed in one compressed file.

    Jarsigner Implement digital signing for JAR and class files.

    native2ascii This program used to convert Unicode characters to international encoding schemes.

    After installing and configuring JDK, you will see the way these tools are applied to build and run Java application, as illustrated in the following figure:


    First Hello World Java Program

    Java source code can be written with a simple text editor such as notepad. The best IDE is Eclipse Juno, which provides numerous development templates. As you can see, the following console-based Java program simply prints a "Hello world" text on the screen.

    The code defines a Java class called HelloWorld, which contains a single method called main(). When the Java interpreter tries to execute the HelloWorld class, it will look for a method called main(). The VM will execute this function to run the program.

    [java]
    /* HelloWorld.java sample */

    public class HelloWorld

    {

    public static void main(String[] args)

    {

    System.out.println("Hello Word!");

    }

    }

    [/java]

    Save the file with "Helloworld.java" name somewhere on disk. Remember, the class name must be a file name with *.java extension. To compile the sample program, execute the compiler, javac, specifying the name of source file on the command prompt. The javac compiler creates a file called HelloWord.class that contains the Bytecode version of the program. To actually run the program, you must use the Java Interpreter, called java. To do so, pass the class name as a command line argument. The following figure depicts the whole life cycle of Java compilation process as:


    We can gather from the aforementioned sample that a Java program is first compiled and later it is interpreted. The following illustrates the various tools configuration employed during the compilation process.

    By adding a few comments to your Java source code, you make it possible for javadoc to automatically generate HTML documentation for you code. After adding the comments, use the javadoc command and it will make a couple of files:


    It is possible to examine the Bytecodes of a compiled class file and identify its accessible variable and functions. The javap utility creates a report that shows not only what functions and variables are available, but what the code actually does, although at very low level, as in the following:


    Java Features

    In this section, we will look briefly at the major characteristics that make Java such a powerful development tool. This includes cross-platform execution code support, multi-threading, security, and object-oriented features, such as:

    Architecture-Neutral

    One of the main problems facing programmers is that no guarantee exists that if you write a program today, it will run tomorrow—even on the same machine. The processor, operating system upgrades, and changes in the core system resources can make a program malfunction. Java resolves all these issues by introducing "write once, run anywhere" functionality.

    Object-Oriented

    Java is an object-oriented language: that is, it has the facility for OOPs incorporated into language. We can write reusable, extensible, and maintainable software with OOP's support. Java supports all object-oriented mechanisms such as abstraction, inheritance, polymorphism, and encapsulation.

    Interpreted and High Performance

    Java enables the creation of cross-platform programs by compiling into an intermediate representation called Bytecode. This code can be interpreted on any system that provides a JVM. Java is specially designed to perform well on very low-power CPUs. Java Bytecodes easily translate directly into native machine code for very high-performance code by using the JIT compiler.

    Multi-Threading Support

    Java was designed to meet the real-world requirement for creating interactive network programs. To accomplish this, Java supports multithreaded programming, which allows you to write programs that do many things simultaneously. The Java run-time system comes with an elegant yet sophisticated solution for multi-process synchronization that enables you to construct smoothly running interactive systems.

    Distributed Applications

    Java is designed for the distributed environment of the Internet, because it handles TCP/IP protocols. This allows objects on two different computers to execute a procedure remotely. Java has recently revived these interfaces in a package called RMI. This feature brings a non-parallel abstraction to client-server programming.

    Strictly Typed Language

    Java programs provide robust programming by which you can restrict a few key areas to force to find your mistakes early in program design time. Java frees you from having to worry about many of the most common causes of programming errors. Because Java is a strictly typed language, it checks your code at compile time. However, it also checks your code at run time.

    Security

    Security is probably the main problem facing Internet developers. Users are typically afraid of two things: confidential information being compromised and their computer systems being corrupted or destroyed by hackers. Java's built-in security addresses both of these concerns. Java security model has three primary components: the class loader, the Bytecode verifier, and the SecurityManager class. We will dig deeper into these concepts in later articles.

    Final Note

    Learn Digital Forensics

    Learn Digital Forensics

    Build your skills with hands-on forensics training for computers, mobile devices, networks and more.

    This article introduced you to the history of Java, its effect on the WWW, and the underlying Java architecture. It explained the role of the Java development kit in writing program code. We have seen how to write a simple Java console application using JDK utilities such as Java, javac, javadoc, etc. Finally, we come to an understanding of why Java is so popular among the developer community by specifying its advantage over other language. After reading this article, one can easily start programming in Java.

    Ajay Yadav
    Ajay Yadav

    Ajay Yadav is an author, Cyber Security Specialist, SME, Software Engineer, and System Programmer with more than eight years of work experience. He earned a Master and Bachelor Degree in Computer Science, along with abundant premier professional certifications. For several years, he has been researching Reverse Engineering, Secure Source Coding, Advance Software Debugging, Vulnerability Assessment, System Programming and Exploit Development.

    He is a regular contributor to programming journal and assistance developer community with blogs, research articles, tutorials, training material and books on sophisticated technology. His spare time activity includes tourism, movies and meditation. He can be reached at om.ajay007[at]gmail[dot]com