Different security measures have emerged to encounter various Internet security threats, ensuring a certain level of protection against them. However, this does not come without a price. Indeed, there is a general agreement that high security measures involve high amount of resources, ultimately impacting the perceived Quality of Service (QoS). The objective of this paper is to define a framework, dubbed QoS2, that provides means to find a tradeoff between security requirements and their QoS counterparts. The QoS2 framework is based on the multiattribute decision-making theory. The performance of the QoS2 framework is evaluated through computer simulations. A use-case considering worm e-mail detection is used in the performance evaluation. Copyright © 2012 John Wiley & Sons, Ltd.