Have you looked at your website logs to see if you're getting much traffic, outside of what you see in your analytics account? e.g. spammer and hacker bots can frequently hit WordPress scripts like wp-login.php, wp-comments-post.php, wp-signup.php, xmlrpc.php and that can drive up both MySQL connections and memory use.
If you do find that it's bots, here's some possible mitigation:
- install a login limit plugin (you should anyway!)
- block access to xmlrpc.php unless you need it, e.g. for the Android / iPhone apps
- replace WordPress comments with a 3rd party off-site service, e.g. Disqus, LiveFyre
- block wp-signup.php if you're managing logins some other way, e.g. e-commerce shop signups, Gravity Forms User Registration
By block, I mean disallow access to those scripts from NginX .conf or Apache .htaccess.
As to reworking the WordPress data model, don't. Just make sure you have an object cache -- memcached, APC, redis, etc. Absolutely essential for any non-trivial WordPress website.