The article contains formalized techniques of data poisoning attacks are presented in the form of a set-theoretic model, considering the levels at which poisoning can be carried out. The division of attacks according to levels allows further consideration of each type of poisoning attack to prevent or minimize the consequences of data contamination specific to each level. The model obtained because of the study can be used in further research, the goal of which is to increase the level of unification and automation of data processing and protection methods.