An improved network protocol for mitigating network amplification attacks is provided. The absolute network load that any transient distributed attack can cause is bounded based on a resource crediting scheme. The protocol accumulates “credit” upon reception and detection of candidate attack request packets, and draws against that credit when transmitting responsive packets. In some implementations, the time frame of such an attack is also bounded using time limits applied to a resource crediting scheme. Other resources may also be bounded by the resource crediting scheme, including without limitation CPU utilization, storage capacity, power, etc.