This week's book giveaway is in the OO, Patterns, UML and Refactoring forum. We're giving away four copies of Refactoring for Software Design Smells: Managing Technical Debt and have Girish Suryanarayana, Ganesh Samarthyam & Tushar Sharma on-line! See this thread for details.
Note that read() returns "-1" when you're at end-of-file. This line
received += is.read(buffer, 0, buffer.length);
is a big mistake, as it uses the return value of read without checking first for the "-1". If anything goes wrong during the transmission, this line is going to bite you.
If you look at your code, you can see that if when you get to end of file prematurely -- if the connection is dropped, or if the value of 'size' is, for some reason, incorrect -- you'll end up calling "write" with -1 as the third argument. Since -1 also looks like a large positive number (2^31), you'll proceed to call write with this large argument over and over until the disk fills up.