The dataset is generated by performing different Man-in-the-Middle (MiTM) attacks in the synthetic cyber-physical electric grid in RESLab Testbed at Texas AM University, US. The testbed consists of a real-time power system simulator (Powerworld Dynamic Studio), network emulator (CORE), Snort IDS, open DNP3 master, SEL real-time automation controller (RTAC), and Cisco Layer-3 switch. With different scenarios of MiTM attack, we implement a logic-based defense mechanism in RTAC and save the traffic data and related cyber alert data under the attack.