What is protecting the mempool from being DDOSd?

The mempool currently seems to contain almost 60K unconfirmed transactions, and the number seems to be growing. According to this question, it seems that unconfirmed transactions are eventually purged.

Other answers indicate that it is impractical to hamper the transactions of others to go through by trying to fill blocks with your own transactions. That question does however not mention problems that the nodes would face in having to deal with a too large number of transactions being passed around (without considering them being included in the block at all).

Would it be possible for a malicious user to send a lot of transactions (say from the same valid address) to the network, aiming to increase the size of the node mempools, and thus cause problems? Has something like this happened?

Or does the purging happen fast enough, and are the unspent transactions small enough, for a growing mempool not to be a problem for the network nodes? Are there any other common features implemented that protect against a bloating of the mempool?

Recent Questions – Bitcoin Stack Exchange