I would block the IP with iptables
if it were me, and if you have that kind of server level access.
You could also disable xmlrpc. Unfortunately, since 3.5 the admin screen option to disable that feature has been removed. A single line of code should disable it though: add_filter( 'xmlrpc_enabled', '__return_false' );
That might save some overhead from the requests, though it won’t eliminate all of it.