Quantitative security techniques have been proven effective to measure the security of systems against various types of attackers. However, such tech-niques are based on computing exponentially large channel matrices or Markov chains, making them impractical for large programs. We propose a different ap-proach based on abstract trace analysis. By analyzing directly sets of execution traces of the program and computing security measures on the results, we are able to scale down the exponential cost of the problem. Also, we are able to appy statistical simulation techniques, allowing us to obtain significant results even without exploring the full space of traces. We have implemented the resulting algorithms in the QUAIL tool. We compare their effectiveness against the state of the art LeakWatch tool on two case studies: privacy of user consumption in smart grid systems and anonymity of voters in different voting schemes.