Address Space Dynamics

In Physics, we can use the laws of motion, or the Lagrange equation, to describe the trajectory of an object in a system. An object is described by a state vector–a list of orthogonal dimensions. We can think of a process as a trajectory through a state space. The dimensions are given by the bits of memory, the registers, and the internal state of hardware. Thinking about processes this way allows us to formulate methods to understand their execution externally. Obviously a program's execution is determined by its code, but if this code is not available, we can use observations of its state at discrete points in time and space to glean information about it, for example by feeding a feature vector into an recurrent neural network to predict the next state. We can also use this information to visualize a process over time (e.g. using FFTs and dimensionality reduction techniques) or generate program fingerprints for classification and computation of similarity metrics.

We are currently using these techniques for low-latency malware classification.

Justin Goodman
Undergraduate researcher (REU)

Undergraduate researcher

Ganesh Mahesh
M.S. Research Assistant

Software developer at YottaDB

Brian R. Tauro
3rd Year PhD Student

3rd Year PhD Student

Trevor Pritchett
Undergraduate Researcher

4th year undergraduate at IIT

Kyle C. Hale
Assistant Professor of Computer Science

Hale's research lies at the intersection of operating systems, HPC, parallel computing, computer architecture.