Dataset for Advanced Persistent Threat (APT) Attacks on Power Substation Networks via GOOSE Protocol Exploitation

This dataset captures network traffic from a simulated Advanced Persistent Threat (APT) campaign targeting a power substation's communication network. The attacker maintains a prolonged presence within the network, conducting low-profile scans using Nmap to stealthily discover the network configuration. The focus is on the communication between the Remote Terminal Unit (RTU), the Programmable Logic Controller (PLC), and the Bay Protection Unit, all of which utilize the Generic Object Oriented Substation Event (GOOSE) protocol for critical operations.