Researchers show they can beat address space layout randomization with JavaScript in a browser (!)

It doesn’t. The paper is describing a method by which you can figure out which randomly assigned portion of the address space you got, by doing a timing attack on the MMU.

By itself this is useless. The point is that the reason people are doing address space randomization in the first place is to make exploiting security flaws such as buffer overflows more difficult.
