In this paper, we propose a sound method to synthesize a permissive monitor using boolean supervisory controller synthesis that observes a Java program at certain checkpoints, predicts information flow violations and applies suitable countermeasures to prevent violations. We introduce an approach for modeling heap and information flow via heap. To improve permissiveness, we train the monitor and remove false positives by executing the program along with its executable model. If a security violation is detected, the user can define sound countermeasures, including declassification to apply in checkpoints. We prove that the monitored program ensures localized delimited release in case of declassifying information and termination-insensitive noninterference in case of no declassification. We implement a tool to automate the whole process and generate a monitor. Our method is evaluated by applying it on the Droidbench benchmark and one real-life Android application.